Mitel 17-0002

Privilege Escalation / Remote Code Execution Vulnerability in MiVoice Conference/Video Phone (UC360)

Publish date

February 2017

Identifier

Mitel Product Security Advisory 17-0002

Manufacturer

Mitel

Product

UC360

Patched

http://www.mitel.com/mitel-product-security-advisory-17-0002

Authors

Tom Moreton

Description

The MiVoice Conference/Video Phone is vulnerable to remote code execution and privilege escalation via the installed web browser application. A malicious media file opened in the installed web browser application could compromise the device.

http://www.mitel.com/mitel-product-security-advisory-17-0002

CBEST
CREST STAR
CHECK IT Health Check Service
CREST
Cyber Essentials
CESG Certified Service
First - Improving Security Together
BSI ISO 9001 FS 581360
BSI ISO 27001 IS 553326
Allianz für Cyber-Sicherheit