📦

6940

Vendor: mitel

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 1 Remote Access

Total CVEs 3 Total Indexed

Avg. EPSS 0.26% Exploit Prob.

Latest CVE CVE-2022-29854 May 13

Security Vulnerability Index

Page 1 / 1

6.8 CVSS

CVE-2022-29854

RCE

A vulnerability in Mitel 6900 Series IP (MiNet) phones excluding 6970, versions 1.8 (1.8.0.12) and earlier, could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.

EPSS: 0.41%

Severity: MEDIUM

May 13, 2022

7.5 CVSS

CVE-2020-13617

The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login attempts.

EPSS: 0.25%

Severity: HIGH

Aug 26, 2020

5.9 CVSS

CVE-2019-18863

A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900 SIP series phones, versions 5.1.0.2051 SP2 and earlier, could allow an attacker to launch a man-in-the-middle attack when SRTP is used in a call. A successful exploit may allow the attacker to intercept sensitive information.

EPSS: 0.11%

Severity: MEDIUM

Mar 02, 2020

Displaying 3 of 3 Total Entries

Total 1 Sections