Hackers Exploit Mitel VoIP Zero-Day in Likely Ransomware Attack

By Ravie Lakshmanan

A suspected ransomware intrusion attempt against an unnamed target leveraged a Mitel VoIP appliance as an entry point to achieve remote code execution and gain initial access to the environment. The findings come from cybersecurity firm CrowdStrike, which traced the source of the attack to a Linux-based Mitel VoIP device sitting on the network perimeter, while also identifying a previously

Related tags
June 24^th 2022 at 12:58

The Hacker News
Researchers Disclose Rooting Backdoor in Mitel IP Phones for Businesses
June 13^th 2022 at 10:55

Researchers Disclose Rooting Backdoor in Mitel IP Phones for Businesses

By Ravie Lakshmanan

Cybersecurity researchers have disclosed details of two medium-security flaws in Mitel 6800/6900 desk phones that, if successfully exploited, could allow an attacker to gain root privileges on the devices. Tracked as CVE-2022-29854 and CVE-2022-29855 (CVSS score: 6.8), the access control issues were discovered by German penetration testing firm SySS, following which patches were shipped in May

Related tags
June 13^th 2022 at 10:55