* Last update: 12/05/2025
* Affected software:
  - Mitel 6800 Series SIP Phones version R6.4.0.SP4 and earlier
  - Mitel 6900 Series SIP Phones version R6.4.0.SP4 and earlier
  - Mitel 6900w Series SIP Phones version R6.4.0.SP4 and earlier
  - Mitel 6970 Conference Unit version R6.4.0.SP4 and earlier
* Type: Command Injection
* CVE/CVSS:
  - CVE-2025-47188: CVSS 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
https://www.mitel.com/support/mitel-product-security-advisory-misa-2025-0004
Successful exploitation of CVE-2025-47188 could allow an unauthenticated attacker to execute arbitrary commands remotely, which could lead to a complete compromise of the device, allowing an attacker to access sensitive data, modify user configuration data, and potentially render the device inoperable.
An attacker exploiting this vulnerability could severely impact the confidentiality, availability and integrity of affected systems.
CVE-2025-47188 is a critical command injection vulnerability affecting 6800 Series, 6900 Series and 6900w Series SIP Phones, including the 6970 Conference Unit, running firmware versions R6.4.0.SP4 and earlier.
This command injection vulnerability results from insufficient parameter sanitization. It could potentially lead to information disclosure and modification of user configuration data, and could impact the device's availability and operations.
Patch
The Centre for Cybersecurity Belgium strongly recommends installing updates for vulnerable devices with the highest priority, after thorough testing.
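To prioritise patching, an asset inventory can be checked against the affected range stated above. The following is an added example, not code from the CCB or Mitel: it assumes the inventory records firmware in the advisory's `R<major>.<minor>.<patch>[.SP<n>]` notation, and the host names, model strings and inventory rows are constructed.

```python
import csv
import io
import re

# Last affected release, taken from the advisory: "R6.4.0.SP4 and earlier".
LAST_AFFECTED = (6, 4, 0, 4)
# Model families named in the advisory (6800, 6900, 6900w, 6970).
# Assumption: the inventory stores bare model numbers such as "6867i" or "6930w".
AFFECTED_MODEL = re.compile(r"68\d\d[a-z]?|69\d\dw?")
# Assumption: firmware is recorded in the advisory's notation, e.g. "R6.4.0.SP4".
RELEASE = re.compile(r"R(\d+)\.(\d+)\.(\d+)(?:\.SP(\d+))?", re.IGNORECASE)

def parse_release(text):
    """Return (major, minor, patch, service_pack) or None if unparseable."""
    match = RELEASE.fullmatch(text.strip())
    if match is None:
        return None
    major, minor, patch, sp = match.groups()
    return (int(major), int(minor), int(patch), int(sp or 0))

def triage(model, firmware):
    """Classify one device against the advisory's affected range."""
    if AFFECTED_MODEL.fullmatch(model.strip().lower()) is None:
        return "not-listed"
    release = parse_release(firmware)
    if release is None:
        # Unknown notation: never assume safe, flag for manual review.
        return "review"
    return "vulnerable" if release <= LAST_AFFECTED else "above-affected-range"

def triage_inventory(csv_text):
    """Map each host in a host,model,firmware CSV to its triage status."""
    rows = csv.DictReader(io.StringIO(csv_text))
    return {row["host"]: triage(row["model"], row["firmware"]) for row in rows}

# Constructed sample inventory (not real devices).
SAMPLE_INVENTORY = """host,model,firmware
phone-lobby,6920,R6.4.0.SP4
phone-hr,6867i,R6.3.0.SP2
conf-room-1,6970,R6.4.0.SP5
phone-lab,6930w,6.4.0.4006
printer-2,MFP-100,R1.0.0
"""

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Devices reported as `review` carry a version string the parser does not recognise and should be checked by hand rather than treated as unaffected.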
Monitor/Detect
The CCB recommends organizations upscale monitoring and detection capabilities to identify any related suspicious activity, ensuring a swift response in case of an intrusion.
In case of an intrusion, you can report an incident via: <https://ccb.belgium.be/cert/report-incident>.
While patching appliances or software to the newest version may provide safety from future exploitation, it does not remediate historic compromise.
https://gbhackers.com/mitel-sip-phone-flaws-allow-attackers/
https://securityonline.info/critical-vulnerabilities-uncovered-in-mitel-sip-phones-command-injection-and-file-upload-risks/