Security Advisory – Critical Configuration Vulnerability in Mitel InAttend and CMG

Mitel issued an advisory (24-0003) regarding a critical improper configuration vulnerability in the BluStar component of Mitel InAttend and CMG, identified as CVE-2024-28815. The flaw could allow unauthorized access to sensitive data, system configuration changes, or arbitrary command execution. Affected versions include Mitel InAttend 2.6 SP4 to 2.7 and Mitel CMG 8.5 SP4 to 8.6. Mitel advises updating to the latest software versions to mitigate the risk.

For more details, visit the Mitel advisory.