Argument Injection Vulnerability in Mitel SIP Phones
CVE-2024-41711

Currently unrated

Key Information:

Vendor: Mitel
Status: Mitel SIP Phones
Vendor: CVE Published:; 13 August 2024

What is CVE-2024-41711?

A vulnerability in various Mitel SIP phone models arises from inadequate parameter sanitization, potentially allowing an unauthenticated attacker with physical access to perform an argument injection attack. This could enable the execution of arbitrary commands within the phone's system context, raising significant security concerns for users.

References

https://www.mitel.com/support/security-advisories/mitel-p...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 13, 2024
Vulnerability Reserved
Jul 22, 2024