Only devices with SIP voice services enabled are vulnerable. Further, to be vulnerable, the devices must have enabled the Cisco Unified Border Element feature. More detailed information about determining whether a device is affected by this vulnerability is in the vendor advisory.
Because this vulnerability can be exploited using UDP, it is possible for an attacker to spoof the source address of the malicious SIP packets. This spoofing could make it harder to determine where the attacks are coming from, and it could also be used to bypass IP-based ACLs if the attacker can determine which IP addresses are allowed to access the affected systems.
Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.