CVE-2026-10629

Vulnerability Description

SIP signaling stack in Verizon IMS (unspecified version) implements SIP signaling without IPsec integrity protection (missing Security-Client/Security-Server headers and ESP traffic), which allows an on-path attacker to compromise confidentiality, integrity, and authenticity of VoLTE signaling via passive monitoring and active manipulation of unsecured SIP messages over the radio and core network.

Vulnerability Details

Published Date

June 02, 2026

Last Modified

June 02, 2026

Source

NVD

Vendor

Verizon

Product

VoLTE

External References

https://www.3gpp.org/DynReport/33203.htm
https://www.kb.cert.org/vuls/id/615987

CVE-2026-10629

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment