CVE-2025-47188
Essential information
- Published
- 07/08/2025 15:15
- Modified
- 07/08/2025 21:26
- Author
- —
- Creator
- —
- CVSS
- 6.5 MEDIUM (v3.1)
- CISA KEV
- No
- CWE
- —
- CVSS vector
-
—
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N—
CVSS metrics
- Access vector
- —
- Access complexity
- —
- Authentication
- —
- Confidentiality impact
- —
- Integrity impact
- —
- Availability impact
- —
- Exploitability
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- NETWORK
- Attack complexity
- LOW
- Privileges required
- NONE
- User interaction
- NONE
- Scope
- UNCHANGED
- Confidentiality impact
- LOW
- Integrity impact
- LOW
- Availability impact
- NONE
- Exploit code maturity
- —
- Remediation level
- —
- Report confidence
- —
- Temporal score
- —
- Attack vector
- —
- Attack complexity
- —
- Attack requirements
- —
- Privileges required
- —
- User interaction
- —
- Confidentiality (V)
- —
- Confidentiality (S)
- —
- Integrity (V)
- —
- Integrity (S)
- —
- Availability (V)
- —
- Availability (S)
- —
- Exploit maturity
- —
Description
A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit through 6.4 SP4, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary commands within the context of the phone, leading to disclosure or modification of sensitive configuration data or affecting device availability and operation.
NVD status
- Status
- Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
- Source
- [email protected]
- NVD
- View on NVD
Affected products (CPE)
| Product | CPE |
|---|---|
| mitel / 6800 series | cpe:2.3:a:mitel:6800_series:*:*:*:*:*:*:*:* |
| mitel / 6900 series | cpe:2.3:a:mitel:6900_series:*:*:*:*:*:*:*:* |
| mitel / 6900w series | cpe:2.3:a:mitel:6900w_series:*:*:*:*:*:*:*:* |
| mitel / 6970 conference unit | cpe:2.3:a:mitel:6970_conference_unit:*:*:*:*:*:*:*:* |
| mitel / sip phones | cpe:2.3:a:mitel:sip_phones:*:*:*:*:*:*:*:* |