11 matches found
EUVD-2019-8558
Malware in sbrugna...
CVE-2025-47188
A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones through 6.4 SP4 R6.4.0.4006, and the 6970 Conference Unit through 6.4 SP4 R6.4.0.4006 or version V1 R0.1.0, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient paramete...
Mitel多款产品 安全漏洞
Mitel 6800 Series and Mitel 6900 Series are both a series of phones from Mitel Canada. A security vulnerability exists in various Mitel products that stems from insufficient parameter cleanup and could lead to a command injection attack. The following products and versions are affected: Mitel 680...
CVE-2025-47187
The vulnerability CVE-2025-47187 affects Mitel 6800 Series, Mitel 6900 Series, Mitel 6900w Series SIP Phones (up to 6.4 SP4 R6.4.0.4006) and the 6970 Conference Unit (up to 6.4 SP4 R6.4.0.4006 or V1 R0.1.0). It arises from missing authentication, allowing an unauthenticated attacker to upload arb...
CVE-2020-27639
The Bluetooth handset of Mitel MiVoice 6873i, 6930, and 6940 SIP phones with firmware before 5.1.0.SP6 could allow an unauthenticated attacker within Bluetooth range to pair a rogue Bluetooth device when a phone handset loses connection, due to an improper pairing mechanism. A successful exploit...
New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks
A Mirai botnet variant dubbed Aquabot has been observed actively attempting to exploit a medium-severity security flaw impacting Mitel phones in order to ensnare them into a network capable of mounting distributed denial-of-service DDoS attacks. The vulnerability in question is CVE-2024-41710 CVS...
The vulnerability of the microprogramming software of Mitel telephones of models 6800, 6900, 6970, and 6900w lies in the fact that it allows for the insertion or modification of arguments, enabling a perpetrator to execute arbitrary commands.
The vulnerability of the microprogramming software in SIP phones of the Mitel series 6800, 6900, 6970, and 6900w is related to the implementation or modification of arguments. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the microprogrammed software of Mitel series 6800, 6900, 6900w, and 6970 desktop telephones, related to the ability to bypass authentication, allows attackers to modify phone configuration parameters and trigger a service failure.
The vulnerability of the microprogramming software of Mitel series 6800, 6900, 6900w, and 6970 lies in its ability to bypass authentication. Exploiting this vulnerability allows an attacker to modify the phone’s configuration parameters and cause service failures...
CVE-2022-29855
Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 5.1.0.8016 and earlier, and 6.0 6.0.0.368 through 6.1 HF4 6.1.0.165, could allow a unauthenticated...
PT-2022-2956 · Mitel · Mitel 6900 Series Ip Phones +1
Name of the Vulnerable Software and Affected Versions: Mitel 6800 Series SIP Phones versions 5.1 SP8 5.1.0.8016 and earlier Mitel 6800 Series SIP Phones versions 6.0 6.0.0.368 through 6.1 HF4 6.1.0.165 Mitel 6900 Series SIP Phones versions 5.1 SP8 5.1.0.8016 and earlier Mitel 6900 Series SIP Phon...
Design/Logic Flaw
A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900 SIP series phones, versions 5.1.0.2051 SP2 and earlier, could allow an attacker to launch a man-in-the-middle attack when SRTP is used in a call. A successful exploit may allow the attacker to intercep...