The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic). This was exploited in the wild in February and March 2022 for the TP240PhoneHome DDoS attack.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HMitel Micollab
APPMitel9.4< 9.4Mitel Mivoice Business Express
APPMitel≤ 8.1
CISA KEV — detailsi
- Vendori
- Mitel
- Producti
- MiCollab, MiVoice Business Express
- Added to KEVi
- March 25, 2022
- Remediation deadline (US Federal)i
- April 15, 2022(overdue)
Apply updates per vendor instructions.
A vulnerability has been identified in MiCollab and MiVoice Business Express that may allow a malicious actor to gain unauthorized access to sensitive information and services, cause performance degradations or a denial of service condition on the affected system.
Related vulnerabilities
Path Traversal w Mitel MiCollab — nieautoryzowany dostęp do danych
Command Injection w Mitel MiCollab i MiVoice Business Solution Virtual Instance
SQL Injection w Mitel MiCollab NuPoint Messenger — dostęp bez uwierzytelnienia
Command injection w Mitel MiCollab NuPoint Messenger — dostęp bez uwierzytelnienia
SQL Injection w komponencie AWV Mitel MiCollab — dostęp bez uwierzytelnienia