Multiple Weaknesses in Mitel 6700/6800 series SIP phones

Advisory ID: 16-0002
Publish Date: 2016-02-01
Revision: 1.0

Summary

Two vulnerabilities have been discovered in Mitel 6700 and 6800-series SIP phones. Successful exploitation could lead to denial of service or unauthorized access to phone functions or data.

Detailed Description

The following security vulnerabilities have been identified:

Remote denial of service vulnerability
A Proof of Concept exists whereby a well-crafted HTTP POST command could be sent to the phone to initiate a soft-reset without checking any credentials.

Code injection vulnerability
The phone does not protect from a coordinated attack whereby unauthorized modification of a server system configuration file could allow javascript execution in the client browser.

Affected Products

The following products have been identified as affected:

Product Name   Product Versions   Security Bulletin   Last Updated 
 Mitel 6700-series SIP phones  3.3.1 sp4, and earlier  16-0002-001  2016-02-01
 Mitel 6800-series SIP phones  3.3.1, 4.0.0 SP2 and earlier  16-0002-002  2016-02-01

 

Risk Assessment

Risk is considered low. Refer to the product Security Bulletins for additional statements and details regarding risk.

Mitigation / Recommended Action

Customers are advised to upgrade to the latest firmware release. Refer to the product Security Bulletins for details on firmware releases

External References

Credit is given to John de Kroon for reporting these vulnerabilities and to Voiceworks B.V. for their assistance in resolving these issues.

Related CVEs / Advisories

None

Stay One Step Ahead

Ready to talk to sales? Contact us.
Find a Partner +44 1291 430 000 Email Us