Mitel Product Security Advisory MISA-2026-0003
Linux Kernel Local Privilege Escalation Vulnerability (Copy Fail, CVE-2026-31431)
Advisory ID: MISA-2026-0003
Publish Date: 2026-05-07
Last Updated: 2026-05-21
Revision: 6.0
Summary
In April 2026, a local privilege escalation vulnerability in Linux Kernels was publicly disclosed.
A Local Privilege Escalation Vulnerability, CVE-2026-31431, has been identified in the algif_aead cryptographic algorithm interface of the Kernel of multiple major Linux distributions, which if successfully exploited, could allow an authenticated attacker with local access to a vulnerable system to conduct local privilege escalation due to part of the Linux kernel's cryptographic interface containing an incorrect in-place operation, where source and destination data mappings differ.
The vulnerability severity is rated as high, based on the assessment provided in the CVE record.
Mitel is actively investigating the impact of CVE‑2026‑31431 on our products and will provide updates as more information becomes available.
Detailed Description
This vulnerability requires authenticated local access to a vulnerable system and allows an unprivileged user to escalate privileges to root. It does not provide a direct remote attack vector.
Affected Products and Solutions
Mitel is actively investigating the impact of CVE‑2026‑31431 on Mitel software and hardware appliances that ship with embedded Linux operating systems or Linux Kernel. Mitel will provide updates as more information becomes available.
For Mitel applications that are installed on a Linux operating system that is not embedded within the product, Mitel does not provide guidance for the operating system and customers should follow the instructions of the Linux operating system provider. Mitel will not deliver updates for these Linux operating systems.
Windows-based products are not affected by this vulnerability. No action is required for systems running on Microsoft Windows.
Product statements are related only to supported product versions. Products which have reached End of Support status are not considered.
This security advisory provides information on the following products:
Platforms, Solutions and Gateways:
| Product Name | Status | Version(s) Affected | Solution / Mitigation |
| Mitel Standard Linux | Affected | 12.x | Solution available, KB000127618 |
| MiVoice 5000 | Affected | 8.x | See KB article: KB000127609 |
| MiVoice Border Gateway | Affected | 11.6.x, 12.x | Solution available, KB000127618 |
| MiVoice Business | Affected | 10.1.x to 10.5.x | Solution available, KB000127618 MXeIII, CXII, AX and SMBC platforms are not affected. |
| MiVoice MX-ONE | Affected | 7.3 to 7.8 and 8.x | See KB article: KB000127609 |
| Mitel SMB Controller | Not affected | ||
| Mitel AG41xx Analog Gateways | Not affected | ||
| Mitel EX Controller and Mitel GX Gateway | Not affected | ||
| OpenScape 4000 | Affected | V10 R1.x, V11 R0.22, V11 R1.26 | Solution available, KB000127614 |
| OpenScape Branch | Affected | V10.3 and V11.x | Solution available, KB000127627 |
| OpenScape Business X | Not affected | ||
| OpenScape SBC | Affected | V10.3 and V11.x | Solution available, KB000127627 |
| OpenScape Voice Server | Affected | V9R3 JITC, V10, V11 | Solution available, KB000127677 |
Applications:
| Product Name | Status | Version(s) Affected | Solution / Mitigation |
| MiCollab | Affected | 10.x | See KB article: KB000127609 |
| MiCloud Management Portal | Affected | 6.3.x | Solution available, KB000127618 |
| Mitel Open Integration Gateway | Affected | 4.3.x | Solution available, KB000127618 |
| Mitel Performance Analytics | Affected | MPA 3.6.x | See KB article: KB000127609 |
| OpenScape Alarm Response | Not affected | ||
| OpenScape UC Application | Not affected | ||
| OpenScape Contact Media Service (used by Mitel CX and OpenScape Contact Center) | Affected | V12Rx | Solution available, KB000127683 |
Devices:
| Product Name | Status | Version(s) Affected | Solution / Mitigation |
| Mitel 6800 IP Phone Series | Not affected | ||
| Mitel 6900 IP Phone Series | Not affected | ||
| Mitel 5634 Wi-Fi Phone | Not affected | ||
| Mitel IP-DECT | Not affected | ||
| Mitel RFP12/RFP14 DECT | Not affected | ||
| Mitel SIP-DECT | Affected | 9.1, 9.2, 10.0, 10.1 | Solution available, KB000127706 Mitel SIP-DECT Hardware (RFP 3G/4G and 600d/700d DECT phones) is not affected. |
| Mitel TA7100 Series | Not affected | ||
| OpenScape Cordless | Not affected | ||
| OpenScape DECT Phone | Not affected | ||
| OpenScape Desk Phones CP | Not affected | ||
| OpenScape Endpoint Management | Affected | V1 | See KB article: KB000127609 |
| OpenScape WLAN Phone | Not affected | ||
| OpenScape Xpert Clients 6010P | Affected | V7, V8 | See KB article: KB000127609 |
This section will be updated as Mitel’s investigation continues.
Vulnerability Severity
The vulnerability is rated as high severity, based on the assessment provided in the CVE record.
| CVE ID | SEVERITY | CVSS 3.1 BASE SCORE |
| CVE-2026-31431 | High / 7.8 | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Solution/ Recommended Action
Mitel is actively investigating the impact of CVE‑2026‑31431 on our products and will provide updates as more information becomes available.
Please see Mitel Security Knowledge Base article KB000127609, “Linux Kernel Local Privilege Escalation Vulnerability "Copy Fail" Security Update, CVE-2026-3143133)”
References
CVE‑2026‑31431
Revision History
| Version | Date | Description |
|---|---|---|
| 1.0 | 2026-05-07 | Initial release |
| 2.0 | 2026-05-08 | Updated the "Status" for OpenScape Alarm Response and OpenScape WLAN Phone Updated the "Solution / Mitigation" for OpenScape 4000 |
| 3.0 | 2026-05-11 | Updated the "Status" for Mitel EX Controller and Mitel GX Gateway, Mitel 5634 Wi-Fi Phone, Mitel IP-DECT, Mitel TA7100 Series, OpenScape Cordless and OpenScape DECT Phone Updated the "Solution / Mitigation" for Mitel Standard Linux, MiVoice Border Gateway, MiVoice Business, OpenScape 4000, MiCloud Management Portal and Mitel Open Integration Gateway |
| 4.0 | 2026-05-13 | Updated the "Status" for OpenScape Branch, OpenScape SBC, Mitel 6800 IP Phone Series and Mitel 6900 IP Phone Series. Updated the "Version(s) Affected" for MiVoice Business, OpenScape Branch, OpenScape SBC and OpenScape Voice Server. Updated the "Solution / Mitigation" for MiVoice 5000, MiVoice Business, MiVoice MX-ONE, OpenScape Branch, OpenScape SBC, MiCollab, OpenScape Endpoint Management and OpenScape Xpert Clients 6010P. |
| 5.0 | 2026-05-18 | Updated the "Status" and "Version(s) Affected" for Mitel Performance Analytics, OpenScape Contact Media Service. Updated the "Solution / Mitigation" for OpenScape Branch, OpenScape SBC, OpenScape Voice Server, Mitel Performance Analytics, OpenScape Contact Media Service. |
| 6.0 | 2026-05-21 | Updated the "Status" for Mitel RFP12/RFP14 DECT and Mitel SIP-DECT |
Publisher and Legal Disclaimer
Publisher: Mitel PSIRT / [email protected]
The information provided in this advisory is provided "as is" without warranty of any kind. The information is subject to change without notice. Mitel and its affiliates do not guarantee and accept no legal liability whatsoever arising from or connected to the accuracy, reliability, currency or completeness of the information provided. No part of this document can be reproduced or transmitted in any form or by any means - electronic or mechanical - for any purpose without written permission from Mitel Networks Corporation.