Mitel Product Security Advisory 16-0002

Multiple Weaknesses in Mitel 6700/6800 series SIP phones

Advisory ID: 16-0002
Publish Date: 2016-02-01
Revision: 1.0

Summary

Two vulnerabilities have been discovered in Mitel 6700 and 6800-series SIP phones. Successful exploitation could lead to denial of service or unauthorized access to phone functions or data.

Detailed Description

The following security vulnerabilities have been identified:

Remote denial of service vulnerability
A Proof of Concept exists whereby a well-crafted HTTP POST command could be sent to the phone to initiate a soft-reset without checking any credentials.

Code injection vulnerability
The phone does not protect from a coordinated attack whereby unauthorized modification of a server system configuration file could allow javascript execution in the client browser.

Affected Products

The following products have been identified as affected:

Product Name Product Versions Security Bulletin Last Updated
Mitel 6700-series SIP phones 3.3.1 sp4, and earlier 16-0002-001 2016-02-01
Mitel 6800-series SIP phones 3.3.1, 4.0.0 SP2 and earlier 16-0002-002 2016-02-01

Risk Assessment

Risk is considered low. Refer to the product Security Bulletins for additional statements and details regarding risk.

Mitigation / Recommended Action

Customers are advised to upgrade to the latest firmware release. Refer to the product Security Bulletins for details on firmware releases

External References

Credit is given to John de Kroon for reporting these vulnerabilities and to Voiceworks B.V. for their assistance in resolving these issues.

Related CVEs / Advisories

None