Home

Some companies that have chosen us

Privacy Officer and Privacy Consultant
CDP Scheme according to ISO/IEC 17024:2012
European Privacy Auditor
ISDP©10003 Certification Scheme according to ISO/IEC 17065:2012
Auditor
According to standard UNI 11697:2017
Lead Auditor ISO/IEC 27001:2022
According to standard ISO/IEC 17024:2012
Data Protection Officer
According to standard ISO/IEC 17024:2012
Anti-Bribery Lead Auditor Expert
According to standard ISO/IEC 17024:2012
ICT Security Manager
According to standard UNI 11506:2017
IT Service Management (ITSM)
According to the ITIL Foundation
Ethical Hacker (CEH)
According to the EC-Council
Network Defender (CND)
According to the EC-Council
Computer Hacking Forensics Investigator (CHFI)
According to the EC-Council
Penetration Testing Professional (CPENT)
According to the EC-Council

Professional qualifications

Stay up-to-date with world news!

Select your topics of interest:
CYBER ALERT
Home / CYBER ALERT
/
Vulnerabilities in Mitel Products (AL01/250124/CSIRT-ITA)

Vulnerabilities in Mitel Products (AL01/250124/CSIRT-ITA)

Summary

High severity vulnerabilities found in Mitel OpenScape 4000, OpenScape 4000 Manager, and MiContact Center Business products.

Risk

Vulnerability Community Impact Estimation: Medium (63.84)

Type

  • Privilege Escalation
  • Arbitrary Code Execution
  • Information Disclosure

Affected Products and/or Versions

Mitel

  • OpenScape 4000 V11 R0.22.x, Version R0.22.1 and earlier
  • OpenScape 4000 V10 R1.54.x, Version R1.54.1 and earlier
  • OpenScape 4000, Version V10 R1.42.6 and earlier
  • OpenScape 4000 Manager V11 R0.22.x, Version R0.22.1 and earlier
  • OpenScape 4000 Manager V10 R1.54.x, Version R1.54.1 and earlier
  • OpenScape 4000 Manager, Version V10 R1.42.6 and earlier
  • MiContact Center Business 10.2.0.x, version 10.2.0.3 and earlier
  • MiContact Center Business 10.1.0.x, version 10.1.0.5 and earlier
  • MiContact Center Business, version 10.0.0.4 and earlier

Mitigation Actions

In line with vendor statements, it is recommended to update vulnerable products by following the guidance in the security bulletins listed in the References section.

CVE
CVE-2025-23093
CVE-2025-23094

References

https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0001

https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0002

1This estimate is made taking into account several parameters, including: CVSS, availability of patches/workarounds and PoC, diffusion of the affected software/devices in the reference community.

Recommended to you

Search in 365TRUST

Our services