Description
ALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the handling of SIP calls. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-28303.
Published: 2026-01-23
Score: 9.8 Critical
EPSS: 1.4% Low
KEV: No
Impact: Remote Code Execution
Action: Immediate Patch
AI Analysis

Impact

The flaw is a use-after-free error in the SIP processing logic of the ALGO 8180 IP Audio Alerter. An attacker can send a crafted SIP message that triggers the deletion and subsequent re-use of an object that no longer exists, allowing execution of arbitrary code in the device’s context. No authentication is required, so the attack can be launched from any network that can reach the device. The resulting Remote Code Execution compromises the confidentiality, integrity and availability of the device and the network segment it serves.

Affected Systems

The vulnerability affects ALGO Solutions’ 8180 IP Audio Alerter hardware, specifically firmware version 5.5 and any earlier releases that contain the referenced SIP handler. The device’s SIP interface is the attack surface.

Risk and Exploitability

The CVSS v3.1 score is 9.8, indicating a critical vulnerability, and the EPSS score of 1% suggests a low but non-zero current exploit probability. It is not yet included in CISA’s KEV catalog. The lack of authentication requirements and the dependency on interface traffic make remote exploitation feasible from outside the protected network. Attackers could gain full control of the device, potentially facilitating broader network compromise or denial of service.

Generated by OpenCVE AI on April 18, 2026 at 03:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update to the latest firmware release that fixes the use-after-free bug.
  • Restrict SIP traffic to trusted IP ranges using firewalls or network segmentation.
  • Continuously monitor device logs for anomalous SIP activity to detect exploitation attempts.

Generated by OpenCVE AI on April 18, 2026 at 03:21 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 18 Feb 2026 19:00:00 +0000

Type Values Removed Values Added
First Time appeared Algosolutions
Algosolutions 8180 Ip Audio Alerter
Algosolutions 8180 Ip Audio Alerter Firmware
CPEs cpe:2.3:h:algosolutions:8180_ip_audio_alerter:-:*:*:*:*:*:*:*
cpe:2.3:o:algosolutions:8180_ip_audio_alerter_firmware:5.5:*:*:*:*:*:*:*
Vendors & Products Algosolutions
Algosolutions 8180 Ip Audio Alerter
Algosolutions 8180 Ip Audio Alerter Firmware
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Fri, 23 Jan 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Fri, 23 Jan 2026 16:45:00 +0000

Type Values Removed Values Added
First Time appeared Algo
Algo 8180 Ip Audio Alerter
Vendors & Products Algo
Algo 8180 Ip Audio Alerter

Fri, 23 Jan 2026 03:30:00 +0000

Type Values Removed Values Added
Description ALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SIP calls. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-28303.
Title ALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vulnerability
Weaknesses CWE-416
References
Metrics cvssV3_0

{'score': 8.1, 'vector': 'CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Algo 8180 Ip Audio Alerter
Algosolutions 8180 Ip Audio Alerter 8180 Ip Audio Alerter Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: zdi

Published:

Updated: 2026-01-23T16:36:15.928Z

Reserved: 2026-01-08T22:55:57.480Z

Link: CVE-2026-0794

cve-icon Vulnrichment

Updated: 2026-01-23T16:36:11.405Z

cve-icon NVD

Status : Analyzed

Published: 2026-01-23T04:16:07.250

Modified: 2026-02-18T18:51:30.800

Link: CVE-2026-0794

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T03:30:25Z

Weaknesses