Re: Miscreants actively exploiting a SIP vulnerability
Considering how limited the SIP inspection on Cisco ASA firewalls is (there is a list of unsupported SIP features), that most SIP implementations over the Internet should now use SIP over TLS (when the ASA doesn't support TLS/SSL decryption) and that although SIP inspection is enabled by default, the likelihood of someone having it enabled, with ACL's that allow access to SIP and not having hit issues that cause it to be disabled is pretty small i.e. approaching zero in the real world.
All the money in the world doesn't fix something that is so broken that Cisco TAC advises that it be turned off...