Primary

Context

Mitel MiVoice MX-ONE Authentication Bypass Vulnerability

Vulnerability

An authentication bypass vulnerability has been identified in the Provisioning Manager component of Mitel MiVoice MX-ONE versions 7.3 (7.3.0.0.50) through 7.8 SP1 (7.8.1.0.14). This vulnerability allows an unauthenticated attacker to bypass authentication mechanisms, potentially leading to unauthorized access to user or admin accounts on the system.

Impact

Exploitation of this vulnerability could result in unauthorized access to user or admin accounts within the system.

Remediation

Mitel has provided patches MXO-15711_78SP0 and MXO-15711_78SP1 for MiVoice MX-ONE versions 7.8 and 7.8 SP1, respectively. For MiVoice MX-ONE version 7.3 and above, patch requests can be submitted to an authorized service partner. Patches are available at Mitel's discretion.

Added: Jan 15, 2026, 10:19 PM

Updated: Jan 15, 2026, 10:19 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

7.0

remediation

8.3

relevance

2.1

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

7.5

exploitability

7.0

remediation

8.3

relevance

2.1

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Mitel MiVoice MX-ONE Authentication Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Mitel MiVoice MX-ONE

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating