SECURITY ADVISORIES

Mitel Product Security Advisories are published for moderate and high-risk security issues. Each advisory provides information on the status of investigation and provides additional information on products confirmed to be affected and recommended action to be taken by customers. Advisories are posted in reverse chronological order.


This information is provided on an "as is" basis and does not grant or imply any guarantees or warranties, including the warranties of merchantability or fitness for a particular use. Mitel does not guarantee that any of the information is accurate or up to date. By using the information, you acknowledge and agree that your use of the information, or the documents or materials linked to this information, is at your own risk. In addition, Mitel’s provision of this information shall not and does not affect the terms or conditions of any agreement with Mitel. Mitel reserves the right to change or update this information without notice at any time.

Click here for a more comprehensive details on Mitel’s Product Security Policy ›


STAY ONE STEP AHEAD

GET NOTIFICATIONS OF THE LATEST SECURITY ADVISORIES SENT RIGHT TO YOUR INBOX EVERY WEEK!

Description Advisory ID CVE# Severity Publish Date Last Updated
Mitel MiContact Center Business Access Token Vulnerability 21-0002 CVE-2021-3352 critical 2021-02-10 2021-02-10
Sudo Buffer Overflow Vulnerability (CVE-2021-3156) OBSO-2102-01 CVE-2021-3156 high 2021-02-04 2021-04-21
Mitel BusinessCTI Enterprise - Remote Code Execution Vulnerability 21-0001 CVE-2021-3176 high 2021-01-25 2021-01-25
OpenScape Business S – WAN Interface Vulnerability OBSO-2101-02 - high 2021-01-19 2021-01-19
Amnesia:33 – Impact on Atos Unify Products OBSO-2101-01 - medium to low 2021-01-08 2022-09-01
Mitel MiCollab NuPoint Messenger Unauthenticated Access Vulnerability 20-0016 CVE-2020-35547 critical 2020-12-29 2020-12-29
Mitel MiCollab Multiple Security Vulnerabilities 20-0015 CVE-2020-25606 CVE-2020-25608 CVE-2020-25609 CVE-2020-25610 CVE-2020-25611 CVE-2020-25612 CVE-2020-27340 high to medium 2020-11-12 2020-11-02
Input validation vulnerability within OpenScape 4000 Assistant/Manager OBSO-2011-01 - high 2020-11-05 2020-11-05
Mitel MiVoice SIP and MiNet Phones Bluetooth Auto Pair Vulnerability 20-0014 CVE-2020-27639 CVE-2020-27640 high to medium 2020-11-02 2020-11-02
Mitel MiVoice SIP, MiNet and DECT Phones Information Disclosure (KNOB) Vulnerability 20-0013 CVE-2019-9506 high 2020-11-02 2020-11-02
Mitel BusinessCTI Enterprise - Remote Code Execution Vulnerability 20-0012 CVE-2020-27154 high 2020-10-20 2020-10-20
SSH configuration vulnerability within OpenScape 4000 OBSO-2009-01 - medium 2020-09-08 2021-04-14
Mitel MiContact Center Business Multiple Security Vulnerabilities 20-0011 CVE-2020-24692 CVE-2020-24693 medium to low 2020-09-02 2020-09-02
Mitel MiCloud Management Portal Multiple Security Vulnerabilities 20-0010 CVE-2020-24592 CVE-2020-24593 CVE-2020-24594 CVE-2020-24595 medium to low 2020-08-31 2020-08-31
Mitel Border Gateway update for a Buffer Overflow vulnerability in PPP Daemon 20-0009 CVE-2020-8597 critical 2020-07-07 2020-07-07
Mitel MiCollab Multiple Security Vulnerabilities 20-0008 CVE-2020-13863 CVE-2020-13767 medium 2020-06-25 2020-06-25
OpenScape 4000 Assistant vulnerabilities OBSO-2006-02 - medium 2020-06-10 2020-06-10
Input validation vulnerability within OpenScape Business OBSO-2006-01 - high 2020-06-02 2020-06-05
Mitel MiVoice 6800 and 6900 series SIP Phones - Memory Disclosure Vulnerability 20-0007 CVE-2020-13617 high 2020-06-02 2020-06-02
Mitel MiVoice Connect Client - Remote Code Execution Vulnerability 20-0006 CVE-2020-12456 high 2020-06-01 2020-07-16
Ready to talk to sales? Contact us.