SECURITY ADVISORIES

Mitel Product Security Advisories are published for moderate and high-risk security issues. Each advisory provides information on the status of investigation and provides additional information on products confirmed to be affected and recommended action to be taken by customers. Advisories are posted in reverse chronological order.

This information is provided on an "as is" basis and does not grant or imply any guarantees or warranties, including the warranties of merchantability or fitness for a particular use. Mitel does not guarantee that any of the information is accurate or up to date. By using the information, you acknowledge and agree that your use of the information, or the documents or materials linked to this information, is at your own risk. In addition, Mitel’s provision of this information shall not and does not affect the terms or conditions of any agreement with Mitel. Mitel reserves the right to change or update this information without notice at any time.

Click here for a more comprehensive details on Mitel’s Product Security Policy ›

Stay one step ahead.

Get notifications of the latest security advisories delivered straight to your inbox!

Sign-up
Advisory ID CVE# Severity Publish Date Last Updated
MiVoice Connect Edge Gateway Cross Site Request Forgery (CSRF) Vulnerability 23-0014 CVE-2023-39285 medium
MiVoice Connect Edge Gateway Command Argument Injection Vulnerability 23-0010 CVE-2023-39287 medium
MiVoice Connect Mobility Router Information Disclosure Vulnerability 23-0013 CVE-2023-39291 medium
MiVoice Connect Edge Gateway Information Disclosure Vulnerability 23-0012 CVE-2023-39290 medium
MiVoice Connect Mobility Router Command Argument Injection and Information Disclosure Vulnerabilities 23-0011 CVE-2023-39288, CVE-2023-39289 medium
Security Advisory Report - OBSO-2308-01 OBSO-2308-01 high
MiVoice Office 400 SMB Controller Command Injection Vulnerability 23-0009 CVE-2023-39293 critical
MiVoice Office 400 SMB Controller SQL Injection Vulnerability 23-0008 CVE-2023-39292 critical
Security Advisory Report - OBSO-2307-01 OBSO-2307-01 CVE-2023-36618/, CVE-2023-36619 high
Security Advisory Report - OBSO-2211-02 OBSO-2211-02 CVE-2022-46404 critical
Security Advisory Report - OBSO-2203-01 OBSO-2203-01 CVE-2022-36444 high
Security Advisory Report - OBSO-2303-02 OBSO-2303-02 CVE-2023-30638 high to medium
Security Advisory Report - OBSO-2305-01 OBSO-2305-01 CVE-2023- 35031, CVE-2023- 35032, CVE-2023- 35033, CVE-2023- 35034, CVE-2023- 35035 critical
Security Advisory Report - OBSO-2303-01 OBSO-2303-01 CVE-2023- 29473, CVE-2023- 29474, CVE-2023- 29475 critical
MiVoice Connect Mobility Router Command Injection Vulnerability 23-0007 CVE-2023-31460 high
MiVoice Connect Mobility Router Default Password Vulnerability 23-0006 CVE-2023-31459 high
MiVoice Connect Reflected Cross-site Scripting Vulnerability 23-0003 CVE-2023-25598, CVE-2023-25599 medium
MiVoice Connect Improper Access Control Vulnerability 23-0004 CVE-2023-31457, CVE-2023-32748 critical
MiVoice Connect Default Password Vulnerability 23-0005 CVE-2023-31458 critical
MiCollab Authentication Vulnerability 23-0002 CVE-2023-25597 medium
Security Advisory Report - OBSO-2201-01 OBSO-2201-01 CVE-2021-4104 medium to high
MiContact Center Business Local File Inclusion Vulnerability 23-0001 CVE-2023-22854 high
Security Advisory Report - OBSO-2203-02 OBSO-2203-02 CVE-2022-0847 medium
Security Advisory Report - OBSO-2211-01 OBSO-2211-01 CVE-2022-3602 , CVE-2022-3786 medium
Vulnerability in Apache Log4j Libraries Affecting Mitel Products 21-0010 CVE-2021-44228, CVE-2021-45046, CVE-2021-45105, CVE-2021-44832, CVE-2021-4104, CVE-2022-23302, CVE-2022-23305, CVE-2022-23307 critical
Security Advisory Report - OBSO-2209-01 OBSO-2209-01 CVE-2022-27255 info
MiVoice Connect Command Injection Vulnerability 22-0007 CVE-2022-40765 medium
MiVoice Connect Code Injection Vulnerability 22-0008 CVE-2022-41223 medium
Mitel MiCollab Authorization Control Vulnerability 22-0009 CVE-2022-41326 critical
Security Advisory Report - OBSO-2101-01 OBSO-2101-01 CVE-2025-XXXXX medium to low
Stay one step ahead

Get notifications of the latest security advisories sent right to your inbox!