Americas
Oceania
Mitel Product Security Advisories are published for moderate and high-risk security issues. Each advisory provides
information on the status of investigation and provides additional information on products confirmed to be affected
and recommended action to be taken by customers. Advisories are posted in reverse chronological order.
This information is provided on an "as is" basis and does not grant or imply any guarantees or warranties, including
the warranties of merchantability or fitness for a particular use. Mitel does not guarantee that any of the
information is accurate or up to date. By using the information, you acknowledge and agree that your use of the
information, or the documents or materials linked to this information, is at your own risk. In addition,
Mitel’s provision of this information shall not and does not affect the terms or conditions of any agreement
with Mitel. Mitel reserves the right to change or update this information without notice at any time.
Click here for a more comprehensive details on Mitel’s Product Security Policy ›
Description | Advisory ID | CVE# | Severity | Publish Date | Last Updated |
---|---|---|---|---|---|
Mitel MiContact Center Business Access Token Vulnerability | 21-0002 | CVE-2021-3352 | critical | 2021-02-10 | 2021-02-10 |
Sudo Buffer Overflow Vulnerability (CVE-2021-3156) | OBSO-2102-01 | CVE-2021-3156 | high | 2021-02-04 | 2021-04-21 |
Mitel BusinessCTI Enterprise - Remote Code Execution Vulnerability | 21-0001 | CVE-2021-3176 | high | 2021-01-25 | 2021-01-25 |
OpenScape Business S – WAN Interface Vulnerability | OBSO-2101-02 | - | high | 2021-01-19 | 2021-01-19 |
Amnesia:33 – Impact on Atos Unify Products | OBSO-2101-01 | - | medium to low | 2021-01-08 | 2022-09-01 |
Mitel MiCollab NuPoint Messenger Unauthenticated Access Vulnerability | 20-0016 | CVE-2020-35547 | critical | 2020-12-29 | 2020-12-29 |
Mitel MiCollab Multiple Security Vulnerabilities | 20-0015 | CVE-2020-25606 CVE-2020-25608 CVE-2020-25609 CVE-2020-25610 CVE-2020-25611 CVE-2020-25612 CVE-2020-27340 | high to medium | 2020-11-12 | 2020-11-02 |
Input validation vulnerability within OpenScape 4000 Assistant/Manager | OBSO-2011-01 | - | high | 2020-11-05 | 2020-11-05 |
Mitel MiVoice SIP and MiNet Phones Bluetooth Auto Pair Vulnerability | 20-0014 | CVE-2020-27639 CVE-2020-27640 | high to medium | 2020-11-02 | 2020-11-02 |
Mitel MiVoice SIP, MiNet and DECT Phones Information Disclosure (KNOB) Vulnerability | 20-0013 | CVE-2019-9506 | high | 2020-11-02 | 2020-11-02 |
Mitel BusinessCTI Enterprise - Remote Code Execution Vulnerability | 20-0012 | CVE-2020-27154 | high | 2020-10-20 | 2020-10-20 |
SSH configuration vulnerability within OpenScape 4000 | OBSO-2009-01 | - | medium | 2020-09-08 | 2021-04-14 |
Mitel MiContact Center Business Multiple Security Vulnerabilities | 20-0011 | CVE-2020-24692 CVE-2020-24693 | medium to low | 2020-09-02 | 2020-09-02 |
Mitel MiCloud Management Portal Multiple Security Vulnerabilities | 20-0010 | CVE-2020-24592 CVE-2020-24593 CVE-2020-24594 CVE-2020-24595 | medium to low | 2020-08-31 | 2020-08-31 |
Mitel Border Gateway update for a Buffer Overflow vulnerability in PPP Daemon | 20-0009 | CVE-2020-8597 | critical | 2020-07-07 | 2020-07-07 |
Mitel MiCollab Multiple Security Vulnerabilities | 20-0008 | CVE-2020-13863 CVE-2020-13767 | medium | 2020-06-25 | 2020-06-25 |
OpenScape 4000 Assistant vulnerabilities | OBSO-2006-02 | - | medium | 2020-06-10 | 2020-06-10 |
Input validation vulnerability within OpenScape Business | OBSO-2006-01 | - | high | 2020-06-02 | 2020-06-05 |
Mitel MiVoice 6800 and 6900 series SIP Phones - Memory Disclosure Vulnerability | 20-0007 | CVE-2020-13617 | high | 2020-06-02 | 2020-06-02 |
Mitel MiVoice Connect Client - Remote Code Execution Vulnerability | 20-0006 | CVE-2020-12456 | high | 2020-06-01 | 2020-07-16 |