PT-2020-12047 · Mitel · Mitel Mivoice Connect Client

Daniel Wetherill

Published

2020-04-17

Updated

2025-11-03

CVE-2020-10377

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Mitel MiVoice Connect Client versions prior to 214.100.1214.0

Description A weak encryption issue could allow an unauthenticated attacker to gain access to user credentials. A successful exploit could allow an attacker to access the system with compromised user credentials.

Recommendations For versions prior to 214.100.1214.0, update to version 214.100.1214.0 or later to resolve the issue.

Fix

Use of a Broken Cryptographic Algorithm

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-327

Related Identifiers

CVE-2020-10377

Affected Products

Mitel Mivoice Connect Client

PT-2020-12047 · Mitel · Mitel Mivoice Connect Client

CVE-2020-10377

Weakness Enumeration

Related Identifiers

Affected Products

References · 6