Mitel has released security patches for a critical vulnerability in the MiVoice MX-ONE platform that could allow remote attackers to bypass authentication and gain administrator privileges. Although the vulnerability has not been exploited in the wild, timely patch application is crucial to prevent potential breaches. #Mitel #MiVoiceMXONE
Keypoints
- Mitel announced patches for a high-severity authentication bypass vulnerability in MiVoice MX-ONE.
- The flaw affects versions 7.3 to 7.8 SP1 and allows unauthenticated remote access to user or admin accounts.
- The vulnerability stems from improper access controls in the Provisioning Manager component.
- Mitel recommends applying patches immediately and not exposing MX-ONE services directly to the internet.
- No active exploits have been detected, but previous Mitel vulnerabilities have been targeted by threat actors like the Aquabot botnet.
Read More: https://www.securityweek.com/mitel-patches-critical-flaw-in-enterprise-communication-platform/