Skip to main content

Security Access Control Vulnerability in Mitel MiCollab and MiVoice Business Express Products

A vulnerability called TP240PhoneHome has been identified in Mitel's MiCollab and MiVoice Business Express that could be used to launch UDP DDoS amplification attacks. This vulnerability is being exploited in the wild.

Threat ID:
CC-4054
Category:
DOS
Threat Severity:
Medium
Published:
10 March 2022 5:18 PM
Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

A vulnerability called TP240PhoneHome has been identified in Mitel's MiCollab and MiVoice Business Express that could be used to launch UDP DDoS amplification attacks. This vulnerability is being exploited in the wild.

Threat details

Introduction

Security researchers and Mitel have released information identifying a critical vulnerability in MiCollab and MiVoice Business Express that may allow a remote, unauthenticated attacker access to sensitive information and services, cause performance degradations, or a denial-of-service (DoS) condition on the affected system.

If exploited, an impacted system may be used to perform DoS attacks against other services by generating significant volumes of outbound traffic. Security researchers have claimed that theoretically a single packet could be used in a distributed denial-of-service (DDoS) amplification attack with a multiplier of 220 billion percent.

Exploitation in the wild

This vulnerability has been exploited in DDoS attacks beginning in mid-February 2022.

Remediation advice

Affected organisations are encouraged to review Mitel Security Advisory 22-0001 and the relevant security bulletin for MiCollab or MiVoice Business Express and apply the necessary updates or workarounds.

Last edited: 10 March 2022 5:18 pm