Marc Bollhalder

**Name of the Vulnerable Software and Affected Versions** Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones versions through 6.4 SP4 (R6.4.0.4006) Mitel 6970 Conference Unit versions through 6.4 SP4 (R6.4.0.4006) and version V1 R0.1.0 **Description** A command injection issue exists in Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit. The issue is due to insufficient input sanitization, allowing an unauthenticated attacker to execute arbitrary commands within the context of the phone. Successful exploitation could lead to the disclosure or modification of sensitive configuration data, or impact device availability and operation. The vulnerability has been actively exploited since May 2025. **Recommendations** Update Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones to a version later than 6.4 SP4 (R6.4.0.4006). Update Mitel 6970 Conference Unit to a version later than 6.4 SP4 (R6.4.0.4006) or V1 R0.1.0.