Unrated severityNVD Advisory· Published Oct 23, 2007· Updated Apr 23, 2026

CVE-2007-5638

Description

The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines, use only 65536 different values in the 32-bit ID number field of an RUDP datagram, which makes it easier for remote attackers to guess the RUDP ID and spoof messages. NOTE: this can be leveraged for an eavesdropping attack by sending many Open Audio Stream messages.

Affected products

Nortel/Business Communications Manager8 versions
cpe:2.3:a:nortel:business_communications_manager:1000:*:*:*:*:*:*:*+ 7 more
- cpe:2.3:a:nortel:business_communications_manager:1000:*:*:*:*:*:*:*
- cpe:2.3:a:nortel:business_communications_manager:200:*:*:*:*:*:*:*
- cpe:2.3:a:nortel:business_communications_manager:400:*:*:*:*:*:*:*
- cpe:2.3:a:nortel:business_communications_manager:50:*:*:*:*:*:*:*
- cpe:2.3:a:nortel:business_communications_manager:50a:*:*:*:*:*:*:*
- cpe:2.3:a:nortel:business_communications_manager:50e:*:*:*:*:*:*:*
- cpe:2.3:a:nortel:business_communications_manager:srg200:*:*:*:*:*:*:*
- cpe:2.3:a:nortel:business_communications_manager:srg50:*:*:*:*:*:*:*
Nortel/Centrex Ip Client Manager
cpe:2.3:a:nortel:centrex_ip_client_manager:*:*:*:*:*:*:*:*
Nortel/Centrex Ip Element Manager
cpe:2.3:a:nortel:centrex_ip_element_manager:*:*:*:*:*:*:*:*
Nortel/Meridian Option 11c
cpe:2.3:a:nortel:meridian_option_11c:*:*:*:*:*:*:*:*
Nortel/Meridian Option 51c
cpe:2.3:a:nortel:meridian_option_51c:*:*:*:*:*:*:*:*
Nortel/Meridian Option 61c
cpe:2.3:a:nortel:meridian_option_61c:*:*:*:*:*:*:*:*
Nortel/Meridian Option 81c
cpe:2.3:a:nortel:meridian_option_81c:*:*:*:*:*:*:*:*
Nortel/Meridian Sl100
cpe:2.3:a:nortel:meridian_sl100:cs2100:*:*:*:*:*:*:*
Nortel/Mobile Voice Client 2050
cpe:2.3:a:nortel:mobile_voice_client_2050:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/advisories/27234nvdPatchVendor Advisory
www.csnc.ch/static/advisory/csnc/nortel_IP_phone_surveillance_mode_v1.0.txtnvdExploit
www.securityfocus.com/bid/26120nvdExploit
osvdb.org/41770nvd
securityreason.com/securityalert/3272nvd
www.securityfocus.com/archive/1/482478/100/0/threadednvd
exchange.xforce.ibmcloud.com/vulnerabilities/37255nvd
exchange.xforce.ibmcloud.com/vulnerabilities/42881nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000