CVE-2022-29854 V 1.8.0.12 is vulnerable to a root access vulnerability due to insufficient access control for test functional.

Indicators of Compromise

Mitel has released software updates which address this issue. Mitel recommends users update their phones as soon as possible. Mitel users may wish to consider the following recommendations in order to further harden the security posture of the device and prevent security incidents. Indicators of compromise (IOCs) are a valuable way for organizations to assess potential cyber-security risks across all environments, including mobile devices. IOCs include such things as files, registry keys, and application data that can be found on a device at a given time. In many cases, an organization will use these indicators to determine whether or not there is malicious activity on its network or devices.

Mitel has released software updates which address this issue. Mitel recommends users update their phones as soon as possible. Mitel users may wish to consider the following recommendations in order to further harden the security posture of the device and prevent security incidents.

Vulnerability Details

The Mitel U5000 is a mobile phone designed to run Mitel's IP Office software. The device was vulnerable to remote code execution and there were no mitigations available on the devices or the firmware. The vulnerability was discovered by Qualys Security Labs, who reported it to Mitel.
Mitel has addressed this vulnerability with updated firmware versions that prevent unauthorized remote code execution.

Timeline

Published on: 05/13/2022 14:15:00 UTC
Last modified on: 06/20/2022 19:15:00 UTC

Indicators of Compromise

Vulnerability Details

Timeline

References