Mitel warns of critical MiVoice MX-ONE security flaw

Mitel has issued urgent security updates to address a severe authentication bypass flaw in its MiVoice MX-ONE enterprise communication platform, warning that unpatched systems could allow unauthorized administrative access. The vulnerability poses significant risks to organizations relying on this widely deployed SIP-based solution, which supports large-scale user deployments.

The weakness stems from improper access controls in the MX-ONE Provisioning Manager, enabling attackers to bypass authentication without user interaction. Though a CVE identifier remains pending, Mitel confirmed the flaw impacts versions 7.3 through 7.8 SP1, with fixes available in updates 7.8 (MXO-1571178SP0) and 7.8 SP1 (MXO-1571178SP1). The company strongly advises isolating MX-ONE services from public internet exposure and restricting access to Provisioning Manager functions as interim safeguards.

Affected customers must contact authorized service partners to obtain patches. Mitel also revealed a separate high-risk SQL injection vulnerability (CVE-2025-52914) in its MiCollab collaboration software, capable of executing arbitrary database commands. While neither flaw shows signs of active exploitation, the warning follows recent incidents involving Mitel systems.

Earlier this year, CISA alerted federal agencies about attackers leveraging a MiCollab path traversal bug (CVE-2024-55550) to access sensitive files. In December, researchers uncovered another zero-day (CVE-2024-41713) permitting unauthorized file reads on vulnerable servers.

With over 60,000 customers and 75 million users across healthcare, finance, government, and other critical sectors, Mitel’s widespread adoption makes these vulnerabilities particularly concerning. Organizations are urged to prioritize updates and implement recommended network protections to mitigate potential breaches.

(Source: BLEEPING COMPUTER)