CVE-2021-31617
Description
Memory management flaw in Stormshield Network Security's ASQ module allows remote code execution via crafted RTSP or MGCP traffic.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Memory management flaw in Stormshield Network Security's ASQ module allows remote code execution via crafted RTSP or MGCP traffic.
Vulnerability
The vulnerability resides in the ASQ module of Stormshield Network Security (SNS). It is a memory management error in the handling of RTSP and MGCP protocols. For MGCP, exploitation is only possible if default protocol alarms are disabled. Affected versions: SNS 1.0.0 through 2.7.8, 2.8.0 through 2.16.0, 3.0.0 through 3.7.20, 3.8.0 through 3.11.8, and 4.0.1 through 4.2.2 [1].
Exploitation
An attacker can send specially crafted network traffic to the affected SNS appliance. The attack vector is network, with high attack complexity. No authentication or user interaction is required. The attacker must trigger the memory management error in the ASQ module via RTSP or MGCP protocol handling [1].
Impact
Successful exploitation can lead to denial of service or remote code execution. The CVSS v3.1 base score is 8.1, with high impact on confidentiality, integrity, and availability. The scope remains unchanged [1].
Mitigation
No workaround is available. The vulnerability is fixed in SNS versions 2.7.9, 3.7.21, 3.11.9, and 4.2.3. Users should upgrade to these or later versions [1].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: 1.0.0 - 2.7.8, 2.8.0 - 2.16.0, 3.0.0 - 3.7.20, 3.8.0 - 3.11.8, 4.0.1 - 4.2.2
Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"Memory management error in the ASQ module's handling of RTSP and MGCP protocols leads to a memory corruption vulnerability exploitable for remote code execution."
Attack vector
An unauthenticated attacker sends a specially crafted RTSP or MGCP packet to a vulnerable Stormshield Network Security appliance [ref_id=1]. For the MGCP protocol, exploitation is only possible if the default protocol alarms are disabled [ref_id=1]. The attack requires high complexity due to the need to precisely manipulate memory state, but no privileges or user interaction are needed [ref_id=1]. Successful exploitation results in remote code execution with high impact on confidentiality, integrity, and availability [ref_id=1].
Affected code
The vulnerability resides in the ASQ module's RTSP and MGCP protocol handling code [ref_id=1]. The advisory does not specify exact function names or file paths.
What the fix does
The advisory does not include a patch diff, but states the vulnerability is fixed in SNS versions 2.7.9, 3.7.21, 3.11.9, and 4.2.3 [ref_id=1]. No workaround solution is available [ref_id=1]. The fix corrects the memory management error in the ASQ module's RTSP and MGCP protocol handling code that could lead to memory corruption [ref_id=1].
Preconditions
- networkNetwork access to the vulnerable Stormshield Network Security appliance
- configFor MGCP exploitation: default protocol alarms must be disabled
Generated on May 25, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
2- advisories.stormshield.eumitrex_refsource_MISC
- advisories.stormshield.eu/2021-020/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.