CVE-2022-29854

🗓️ 13 May 2022 13:12:13Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 8 Media mentions👁 92 Views

A vulnerability in Mitel 6900 Series IP (MiNet) phones, excluding 6970, versions 1.8 (1.8.0.12) and earlier, could allow unauthenticated attacker with physical access to gain root access due to insufficient access control

Reporter	Title	Published	Views	Family All 13
0day.today	Mitel 6800/6900 Series SIP Phones Backdoor Access Vulnerability	21 Jun 202200:00	–	zdt
ATTACKERKB	CVE-2022-29854	13 May 202214:15	–	attackerkb
Circl	CVE-2022-29854	13 May 202218:32	–	circl
CNNVD	Mitel 6900 Series IP Phone MiNet 安全漏洞	4 May 202200:00	–	cnnvd
Cvelist	CVE-2022-29854	13 May 202213:12	–	cvelist
EUVD	EUVD-2022-34172	3 Oct 202520:07	–	euvd
NVD	CVE-2022-29854	13 May 202214:15	–	nvd
Packet Storm	Mitel 6800/6900 Series SIP Phones Backdoor Access	20 Jun 202200:00	–	packetstorm
Prion	Improper access control	13 May 202214:15	–	prion
Positive Technologies	PT-2022-2959 · Mitel · Mitel 6900 Series Ip Phones	13 May 202200:00	–	ptsecurity

NVD

Node

mitel minet_firmwareRange≤1.8.0.12

AND

mitel 6905Match-

mitel 6910Match-

mitel 6920Match-

mitel 6930Match-

mitel 6930_sipMatch-

mitel 6940Match-

mitel 6940_sipMatch-

Source	Link
mitel	www.mitel.com/support/security-advisories
seclists	www.seclists.org/fulldisclosure/2022/Jun/32
packetstormsecurity	www.packetstormsecurity.com/files/167547/Mitel-6800-6900-Series-SIP-Phones-Backdoor-Access.html
mitel	www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0003
syss	www.syss.de/pentest-blog/undocumented-functionality-backdoor-in-mitel-desk-phones-syss-2022-021