Mitel Releases Security Update for Mitel MiVoice Connect

Mitel has released a security update addressing two vulnerabilities in Mitel MiVoice Connect

Threat ID:: CC-4322
Threat Severity:: Information only
Published:: 22 May 2023 2:30 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Mitel has released a security update addressing two vulnerabilities in Mitel MiVoice Connect

Affected platforms

The following platforms are known to be affected:

Versions: 19.3 SP2 and earlier

Mitel MiVoice Connect

Threat details

Introduction

Mitel has released a security advisory to address two vulnerabilities rated as Critical in MiVoice Connect. The MiVoice Connect vulnerabilities are related to improper access control which could allow an unauthenticated attacker to upload arbitrary scripts. A successful exploit by the attacker could allow arbitrary code execution which could be used to gain control of a system.

Remediation advice

Affected organisations are encouraged to review Mitel's Security Advisory and apply any relevant updates.

Definitive source of threat updates

https://www.mitel.com/en-gb/support/security-advisories/mitel-product-security-advisory-23-0004

CVE Vulnerabilities

Status Reserved

CVE-2023-31457

Status Reserved

CVE-2023-32748

Last edited: 22 May 2023 2:31 pm