PT-2020-9994 · Mitel · Mitel 6800+1

Alexander Traud

Published

2020-03-02

Updated

2021-07-21

CVE-2019-18863

CVSS v3.1

5.9

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions: Mitel 6800 and 6900 SIP series phones versions 5.1.0.2051 SP2 and earlier

Description: A key length issue in the SRTP 128-bit key implementation could allow an attacker to launch a man-in-the-middle attack when SRTP is used in a call, potentially enabling the interception of sensitive information.

Recommendations: For versions 5.1.0.2051 SP2 and earlier, update to a version later than 5.1.0.2051 SP2 to resolve the issue.

Fix

Inadequate Encryption Strength

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-326

Related Identifiers

CVE-2019-18863

Affected Products

Mitel 6800

Mitel 6900

PT-2020-9994 · Mitel · Mitel 6800+1

CVE-2019-18863

Weakness Enumeration

Related Identifiers

Affected Products

References · 4