Summary
High severity vulnerabilities found in Mitel OpenScape 4000, OpenScape 4000 Manager, and MiContact Center Business products.
Risk
Vulnerability Community Impact Estimation: Medium (63.84)
Type
- Privilege Escalation
- Arbitrary Code Execution
- Information Disclosure
Affected Products and/or Versions
Mitel
- OpenScape 4000 V11 R0.22.x, Version R0.22.1 and earlier
- OpenScape 4000 V10 R1.54.x, Version R1.54.1 and earlier
- OpenScape 4000, Version V10 R1.42.6 and earlier
- OpenScape 4000 Manager V11 R0.22.x, Version R0.22.1 and earlier
- OpenScape 4000 Manager V10 R1.54.x, Version R1.54.1 and earlier
- OpenScape 4000 Manager, Version V10 R1.42.6 and earlier
- MiContact Center Business 10.2.0.x, version 10.2.0.3 and earlier
- MiContact Center Business 10.1.0.x, version 10.1.0.5 and earlier
- MiContact Center Business, version 10.0.0.4 and earlier
Mitigation Actions
In line with vendor statements, it is recommended to update vulnerable products by following the guidance in the security bulletins listed in the References section.
References
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0001
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0002
1This estimate is made taking into account several parameters, including: CVSS, availability of patches/workarounds and PoC, diffusion of the affected software/devices in the reference community.