HIGH🇵🇱 Wersja polska

CVE-2020-27639

CVSS 8.1v3.1pub. 2020-12-18upd. 2024-11-21

The Bluetooth handset of Mitel MiVoice 6873i, 6930, and 6940 SIP phones with firmware before 5.1.0.SP6 could allow an unauthenticated attacker within Bluetooth range to pair a rogue Bluetooth device when a phone handset loses connection, due to an improper pairing mechanism. A successful exploit could allow an attacker to eavesdrop on conversations.

CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
  • Mitel 6873i Sip

    HW
    Mitel
    wszystkie wersje
  • Mitel 6873i Sip Firmware

    OS
    Mitel
    5.1.0< 5.1.0
  • Mitel 6930 Sip

    HW
    Mitel
    wszystkie wersje
  • Mitel 6930 Sip Firmware

    OS
    Mitel
    5.1.0< 5.1.0
  • Mitel 6940 Sip

    HW
    Mitel
    wszystkie wersje
  • Mitel 6940 Sip Firmware

    OS
    Mitel
    5.1.0< 5.1.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
Auth Bypass
CWE
References

Related vulnerabilities

CVE-2024-41710HIGH7.2⚠ KEVten sam produkt

A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Confere...

CVE-2022-29854MEDIUM6.8ten sam produkt

A vulnerability in Mitel 6900 Series IP (MiNet) phones excluding 6970, versions 1.8 (1.8.0.12) and earlier, co...

CVE-2022-29855MEDIUM6.8ten sam produkt

Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerabi...

CVE-2024-41713CRITICAL9.1⚠ KEVPL ✓ten sam vendor

Path Traversal w Mitel MiCollab — nieautoryzowany dostęp do danych

CVE-2022-29499CRITICAL9.8⚠ KEVten sam vendor

The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because...