CVE-2026-0710

High

Published: 23 January 2026

Modified: 15 April 2026
CVSS Score v3.1: 8.4 (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0022 (12.1th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-0710 is a high-severity NULL Pointer Dereference (CWE-476) vulnerability. Its CVSS base score is 8.4 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203). The CVE ranks at the 12.1th percentile by exploit likelihood (EPSS), which is below the median, and it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-11 (Error Handling).

Deeper analysis

CVE-2026-0710 is a NULL pointer dereference vulnerability (CWE-476) discovered in SIPp, an open-source test tool and traffic generator for the Session Initiation Protocol (SIP). The flaw affects the SIPp application when processing incoming SIP messages, potentially leading to instability during call handling.

A remote attacker can exploit this vulnerability by sending specially crafted SIP messages during an active call. This triggers the NULL pointer dereference, causing the SIPp application to crash and resulting in a denial of service. Under specific conditions, the issue may also enable execution of unauthorized code, compromising the system's integrity and availability. The vulnerability has a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). Note that the published vector rates the attack vector as Local (AV:L), although the description refers to a remote attacker.

Red Hat has published a security advisory detailing the issue at https://access.redhat.com/security/cve/CVE-2026-0710, along with a related Bugzilla entry at https://bugzilla.redhat.com/show_bug.cgi?id=2427788, which provide information on affected versions, patches, and mitigation steps.

Vulnerability details

A flaw was found in SIPp. A remote attacker could exploit this by sending specially crafted Session Initiation Protocol (SIP) messages during an active call. This vulnerability, a NULL pointer dereference, can cause the application to crash, leading to a denial of service. Under specific conditions, it may also allow an attacker to execute unauthorized code, compromising the system's integrity and availability.

Related Threats

MITRE ATT&CK Enterprise Techniques

T1203 Exploitation for Client Execution (tactic: Execution)
Adversaries may exploit software vulnerabilities in client applications to execute code.

T1499.004 Application or System Exploitation (tactic: Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.

Why these techniques?

A NULL pointer dereference in SIPp allows a crafted SIP message sent by a remote attacker to trigger a denial-of-service crash or potential code execution in the vulnerable process.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2025-66769 (shared CWE-476)
CVE-2026-4652 (shared CWE-476)
CVE-2026-28224 (shared CWE-476)
CVE-2026-28212 (shared CWE-476)
CVE-2026-41642 (shared CWE-476)
CVE-2025-24177 (shared CWE-476)
CVE-2026-20875 (shared CWE-476)
CVE-2026-31638 (shared CWE-476)
CVE-2025-62814 (shared CWE-476)
CVE-2025-69421 (shared CWE-476)

Mitigating Controls (NIST 800-53 r5)

Prevent: SI-2 requires timely flaw remediation, directly addressing the NULL pointer dereference in SIPp by applying patches from the Red Hat advisory.

Prevent: SI-10 mandates validation of incoming information, preventing specially crafted SIP messages from triggering the NULL pointer dereference.

Prevent: SI-11 ensures robust error handling to avoid crashes or exploitation from NULL pointer dereferences during SIP message processing.