Thursday, June 30, 2022
HomeCyber SecurityResearchers Disclose Rooting Backdoor in Mitel IP Telephones for Companies

Researchers Disclose Rooting Backdoor in Mitel IP Telephones for Companies


Cybersecurity researchers have disclosed particulars of two medium-security flaws in Mitel 6800/6900 desk telephones that, if efficiently exploited, may permit an attacker to realize root privileges on the units.

Tracked as CVE-2022-29854 and CVE-2022-29855 (CVSS rating: 6.8), the entry management points have been found by German penetration testing agency SySS, following which patches have been shipped in Might 2022.


“As a result of this undocumented backdoor, an attacker with bodily entry to a weak desk telephone can acquire root entry by urgent particular keys on system boot, after which hook up with a offered Telnet service as root consumer,” SySS researcher Matthias Deeg stated in an announcement shared with The Hacker Information.

Particularly, the difficulty pertains to a beforehand unknown performance current in a shell script (“”) within the telephones’ firmware that is designed to be executed at system boot.

“The shell script ‘,’ which is situated within the listing ‘/and many others’ on the telephone, checks whether or not the keys “*” and “#” are pressed concurrently throughout system startup,” the researchers stated. “The telephone then units its IP tackle to ‘10.30.102[.]102’ and begins a Telnet server. A Telnet login can then be carried out with a static root password.”

Profitable exploitation of the issues may permit entry to delicate data and code execution. The vulnerabilities impression 6800 and 6900 Collection SIP telephones, excluding the 6970 mannequin.


Customers of the affected fashions are really useful to replace to the newest firmware model to mitigate any potential threat arising out of exploiting the privilege escalation assault.

This isn’t the primary time such backdoor options have been found in telecommunications-related firmware. In December 2021, RedTeam Pentesting revealed two such bugs in Auerswald’s VoIP home equipment that could possibly be abused to realize full administrative entry to the units.


Sasith Mawan
Sasith Mawan
I'm a Software Engineering graduate with more than 6 years experience on the IT world working as a Software Developer to Tech Lead. Currently the Co-Founder of a Upcoming Gaming Company located in United States.


Please enter your comment!
Please enter your name here

Most Popular

Recent Comments