CVE-2022-29855

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-29855
Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented functionality." A vulnerability in Mitel 6800 Series and 6900 Series SIP phones excluding 6970, versions 5.1 SP8 (5.1.0.8016) and earlier, and 6.0 (6.0.0.368) through 6.1 HF4 (6.1.0.165), could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.

6.8 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.9 / Impact : 5.9

Attack Vector PHYSICAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.2 /10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:L/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 3.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References
Link Resource
http://packetstormsecurity.com/files/167547/Mitel-6800-6900-Series-SIP-Phones-Backdoor-Access.html Exploit Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2022/Jun/32 Exploit Mailing List Third Party Advisory
https://www.mitel.com/support/security-advisories Vendor Advisory
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0004 Vendor Advisory
https://www.syss.de/pentest-blog/undocumented-functionality-backdoor-in-mitel-desk-phones-syss-2022-021 Third Party Advisory
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:mitel:6873i_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mitel:6873i_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitel:6873i_sip:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
OR cpe:2.3:o:mitel:6930_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mitel:6930_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitel:6930_sip:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
OR cpe:2.3:o:mitel:6940_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mitel:6940_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitel:6940_sip:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
OR cpe:2.3:o:mitel:6865i_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mitel:6865i_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitel:6865i_sip:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
OR cpe:2.3:o:mitel:6867i_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mitel:6867i_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitel:6867i_sip:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
OR cpe:2.3:o:mitel:6869i_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mitel:6869i_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitel:6869i_sip:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
OR cpe:2.3:o:mitel:6920_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mitel:6920_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitel:6920_sip:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
OR cpe:2.3:o:mitel:6910_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mitel:6910_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitel:6910_sip:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
OR cpe:2.3:o:mitel:6905_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mitel:6905_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitel:6905_sip:-:*:*:*:*:*:*:*
History

08 Aug 2023, 14:22

Type Values Removed Values Added
CWE CWE-863 NVD-CWE-Other
References (MISC) https://www.syss.de/pentest-blog/undocumented-functionality-backdoor-in-mitel-desk-phones-syss-2022-021 - (MISC) https://www.syss.de/pentest-blog/undocumented-functionality-backdoor-in-mitel-desk-phones-syss-2022-021 - Third Party Advisory
References (MISC) http://packetstormsecurity.com/files/167547/Mitel-6800-6900-Series-SIP-Phones-Backdoor-Access.html - (MISC) http://packetstormsecurity.com/files/167547/Mitel-6800-6900-Series-SIP-Phones-Backdoor-Access.html - Exploit, Third Party Advisory, VDB Entry
References (FULLDISC) http://seclists.org/fulldisclosure/2022/Jun/32 - (FULLDISC) http://seclists.org/fulldisclosure/2022/Jun/32 - Exploit, Mailing List, Third Party Advisory

20 Jun 2022, 19:15

Type Values Removed Values Added
References
  • (MISC) http://packetstormsecurity.com/files/167547/Mitel-6800-6900-Series-SIP-Phones-Backdoor-Access.html -

11 Jun 2022, 09:15

Type Values Removed Values Added
References
  • (FULLDISC) http://seclists.org/fulldisclosure/2022/Jun/32 -

10 Jun 2022, 14:15

Type Values Removed Values Added
References
  • (MISC) https://www.syss.de/pentest-blog/undocumented-functionality-backdoor-in-mitel-desk-phones-syss-2022-021 -

23 May 2022, 13:58

Type Values Removed Values Added
CPE cpe:2.3:o:mitel:6920_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitel:6873i_sip:-:*:*:*:*:*:*:*
cpe:2.3:h:mitel:6940_sip:-:*:*:*:*:*:*:*
cpe:2.3:h:mitel:6930_sip:-:*:*:*:*:*:*:*
cpe:2.3:o:mitel:6865i_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mitel:6940_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitel:6865i_sip:-:*:*:*:*:*:*:*
cpe:2.3:o:mitel:6873i_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitel:6910_sip:-:*:*:*:*:*:*:*
cpe:2.3:h:mitel:6869i_sip:-:*:*:*:*:*:*:*
cpe:2.3:o:mitel:6867i_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitel:6867i_sip:-:*:*:*:*:*:*:*
cpe:2.3:o:mitel:6869i_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mitel:6905_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mitel:6910_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:mitel:6930_sip_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mitel:6905_sip:-:*:*:*:*:*:*:*
cpe:2.3:h:mitel:6920_sip:-:*:*:*:*:*:*:*
References (CONFIRM) https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0004 - (CONFIRM) https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0004 - Vendor Advisory
References (MISC) https://www.mitel.com/support/security-advisories - (MISC) https://www.mitel.com/support/security-advisories - Vendor Advisory
CWE CWE-863
CVSS v2 : unknown
v3 : unknown 		v2 : 7.2
v3 : 6.8

11 May 2022, 20:15

Type Values Removed Values Added
New CVE
Information

Published : 2022-05-11 20:15

Updated : 2024-02-04 22:29

NVD link : CVE-2022-29855

Mitre link : CVE-2022-29855

CVE.ORG link : CVE-2022-29855

JSON object : View

Products Affected

mitel

  • 6940_sip
  • 6867i_sip
  • 6873i_sip_firmware
  • 6905_sip_firmware
  • 6910_sip_firmware
  • 6920_sip
  • 6873i_sip
  • 6905_sip
  • 6869i_sip
  • 6865i_sip_firmware
  • 6865i_sip
  • 6910_sip
  • 6867i_sip_firmware
  • 6930_sip
  • 6869i_sip_firmware
  • 6920_sip_firmware
  • 6930_sip_firmware
  • 6940_sip_firmware
CWE
NVD-CWE-Other