Mitel Vulnerability – CVE-2022-26143

14th March 2022

In February Mitel disclosed product security advisory 22-0001, now assigned CVE-2022-26143.

Stated to affect, Mitel MiCollab (Prior to and including R9.4SP1) and MiVoice Business Express (Prior to and including R8.1). These systems are potentially vulnerable to “unauthorized access to sensitive information and services, cause performance degradations or a denial of service condition on the affected system.”

The denial-of-service element of this vulnerability has drawn particular interest, potentially enabling malicious actors to leverage record breaking amplification ratios to disrupt victims’ connectivity.

 

“Attacks have been observed on broadband access ISPs, financial institutions, logistics companies, gaming companies, and organizations in other vertical markets.” – https://www.akamai.com/blog/security/phone-home-ddos-attack-vector

While the amplification scale is significant, the flexibility of the exploitable devices is less so. A vulnerable system can not be used to reflect traffic to more than one destination concurrently. Additionally process thread limits within the affected devices have a dampening affect, compared to most traditional denial of service techniques. Despite this, the overwhelming amplification scale is potent enough to be of concern as various security articles have expressed.

 

“This amplified attack traffic can be detected, classified, traced back, and safely mitigated using standard DDoS defense tools and techniques” – https://blog.cloudflare.com/cve-2022-26143/

Daisy have been working together with Mitel to address all instances of our affected devices, ensuring they are no longer vulnerable. Daisy’ managed DDoS Protection service also protects our customers and infrastructure from the targeted effects of these attacks. Daisy continue to monitor this threat and its utilisation across the internet and will work with Mitel to address any further developments as required.

 

If you are responsible for any of the affected devices, please refer to Mitel’s guidance within the advisory below. Should you require any assistance or further information on this matter, please contact Daisy via our Service Desk team on 0330 024 3333 or our Customer Portal.

 

https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0001

https://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/security-bulletin_22-0001-01-v2.pdf

https://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/security-bulletin_22-0001-02-v2.pdf

https://www.akamai.com/blog/security/phone-home-ddos-attack-vector

https://blog.cloudflare.com/cve-2022-26143/

Talk to one of our specialists.
Call us on
0344 863 3000