Description
A logic vulnerability was found in GStreamer's webrtcbin component. The _check_sdp_crypto() function contains an inverted boolean condition that causes it to accept remote SDP offers or answers that lack the required a=fingerprint attribute, while incorrectly rejecting those that include it. An attacker with the ability to intercept and modify WebRTC signaling messages could exploit this to bypass the SDP-level DTLS certificate fingerprint binding, weakening defenses against man-in-the-middle attacks on media streams.
Published: 2026-07-07
Score: 3.7 Low
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

Vendor Workaround

There is no complete mitigation for this vulnerability. The following measures can reduce risk: 1. Ensure WebRTC signaling channels use TLS encryption to prevent SDP modification in transit. 2. If WebRTC functionality is not required, remove the webrtcbin plugin shared object from the GStreamer plugins directory (typically /usr/lib64/gstreamer-1.0/libgstwebrtc.so).

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 07 Jul 2026 17:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 07 Jul 2026 16:00:00 +0000

Type Values Removed Values Added
Description A logic vulnerability was found in GStreamer's webrtcbin component. The _check_sdp_crypto() function contains an inverted boolean condition that causes it to accept remote SDP offers or answers that lack the required a=fingerprint attribute, while incorrectly rejecting those that include it. An attacker with the ability to intercept and modify WebRTC signaling messages could exploit this to bypass the SDP-level DTLS certificate fingerprint binding, weakening defenses against man-in-the-middle attacks on media streams.
Title Gstreamer: gstreamer: webrtcbin accepts remote sdp without a=fingerprint due to inverted presence check
First Time appeared Redhat
Redhat enterprise Linux
Weaknesses CWE-670
CPEs cpe:/o:redhat:enterprise_linux:10
cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux
References
Metrics cvssV3_1

{'score': 3.7, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N'}


Subscriptions

Redhat Enterprise Linux
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-07-07T16:13:27.854Z

Reserved: 2026-07-07T11:25:35.489Z

Link: CVE-2026-14935

cve-icon Vulnrichment

Updated: 2026-07-07T16:13:24.266Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses