Mitel Patches Severe Flaws in MiVoice MX-ONE and MiCollab
Mitel has issued critical security patches for two vulnerabilities affecting their MiVoice MX-ONE and MiCollab platforms. The patches address a severe authentication bypass flaw and a high-severity SQL injection vulnerability.
The authentication bypass flaw, rated 9.4 on the CVSS scale, impacts MiVoice MX-ONE versions 7.3 to 7.8 SP1. Mitel recommends keeping MX-ONE off the public internet and running it in a trusted network. They also suggest limiting access or disabling the Provisioning Manager service.
Mitel has also patched a SQL injection vulnerability (CVE-2025-52914, CVSS score: 8.8) in MiCollab. The flaw allows unauthenticated attackers to gain unauthorized access to user or admin accounts due to weak access controls. No specific organization is named as responsible for creating this vulnerability.
Mitel has released patches MXO-15711_78SP0 and MXO-15711_78SP1 for the affected versions. Users are advised to apply these patches immediately to protect their systems from potential security threats.
Read also:
- Belarus Launches First Accredited Cybersecurity Center
- Software Ré́publique Unveils Ambitious Projects: Cybersecurity for Renault, Vehicle Flow Modeling, and Intelligent Charging
- Renault, Dacia Warn of Cyber Attack on Third-Party Data Provider
- Retail Fraud Surges: New Tactics Threaten Consumers and Businesses
