Security Advisory – Mitel SIP Phones Information Disclosure Vulnerability (CVE-2024-31967)

Mitel has reported an information disclosure vulnerability (CVE-2024-31967) affecting their 6800, 6900, and 6900w Series SIP Phones, including the 6970 Conference Unit. This vulnerability could allow unauthorized access to user information and phone configuration. Affected devices should be updated to the latest firmware versions to mitigate the risk. The issue was identified by Kevin Joensen of CSIS.

For full details, visit: Mitel Product Security Advisory 24-0010