CVE-2024-41710

high-risk

Published 2024-08-12

A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit, through R6.4.0.HF1 (R6.4.0.136) could allow an authenticated attacker with administrative privilege to conduct an argument injection attack, due to insufficient parameter sanitization during the boot process. A successful exploit could allow an attacker to execute arbitrary commands within the context of the system.

Do I need to act?

19.7% chance of exploitation in next 30 days

EPSS score — higher than 80% of all CVEs

CISA KEV: actively exploited in the wild

On the Known Exploited Vulnerabilities catalog — federal agencies must patch

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.2/10 High

NETWORK / LOW complexity

Affected Products (15)

6970 Firmware

6940W Sip Firmware

6930W Sip Firmware

6920W Sip Firmware

6920 Sip Firmware

6915 Sip Firmware

6910 Sip Firmware

6905 Sip Firmware

6940 Sip Firmware

6930 Sip Firmware

6873I Sip Firmware

6869I Sip Firmware

6867I Sip Firmware

6865I Sip Firmware

6863I Sip Firmware

Affected Vendors

Mitel

References (4)

Exploit https://github.com/kwburns/CVE/blob/main/Mitel/6.3.0.1020/README.md

Vendor Advisory https://www.mitel.com/support/security-advisories

Vendor Advisory https://www.mitel.com/support/security-advisories/mitel-product-security-advisor...

US Government Resource https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-...

/ 100

high-risk

Severity 26/34 · High

Exploitability 21/34 · High

Exposure 18/34 · Moderate