CVE-2020-13617
First published: Wed Aug 26 2020(Updated: )
The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login attempts.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Mitel 6863i SIP Firmware | <=5.0 | |
| Mitel 6863i SIP Firmware | =5.1 | |
| Mitel 6863i SIP Firmware | =5.1-sp1 | |
| Mitel 6863i SIP Firmware | =5.1-sp2 | |
| Mitel 6863i SIP Firmware | =5.1-sp3 | |
| Mitel 6863i SIP Firmware | =5.1-sp4 | |
| Mitel 6863 Firmware | ||
| Mitel 6865i firmware | <=5.0 | |
| Mitel 6865i firmware | =5.1 | |
| Mitel 6865i firmware | =5.1-sp1 | |
| Mitel 6865i firmware | =5.1-sp2 | |
| Mitel 6865i firmware | =5.1-sp3 | |
| Mitel 6865i firmware | =5.1-sp4 | |
| Mitel 6865i SIP | ||
| Mitel 6867 firmware | <=5.0 | |
| Mitel 6867 firmware | =5.1 | |
| Mitel 6867 firmware | =5.1-sp1 | |
| Mitel 6867 firmware | =5.1-sp2 | |
| Mitel 6867 firmware | =5.1-sp3 | |
| Mitel 6867 firmware | =5.1-sp4 | |
| Mitel 6867i SIP | ||
| Mitel 6869 firmware | <=5.0 | |
| Mitel 6869 firmware | =5.1 | |
| Mitel 6869 firmware | =5.1-sp1 | |
| Mitel 6869 firmware | =5.1-sp2 | |
| Mitel 6869 firmware | =5.1-sp3 | |
| Mitel 6869 firmware | =5.1-sp4 | |
| Mitel 6869i SIP | ||
| Mitel 6873 firmware | <=5.0 | |
| Mitel 6873 firmware | =5.1 | |
| Mitel 6873 firmware | =5.1-sp1 | |
| Mitel 6873 firmware | =5.1-sp2 | |
| Mitel 6873 firmware | =5.1-sp3 | |
| Mitel 6873 firmware | =5.1-sp4 | |
| Mitel 6873i SIP | ||
| Mitel MiVoice 6940 firmware | <=5.0 | |
| Mitel MiVoice 6940 firmware | =5.1 | |
| Mitel MiVoice 6940 firmware | =5.1-sp1 | |
| Mitel MiVoice 6940 firmware | =5.1-sp2 | |
| Mitel MiVoice 6940 firmware | =5.1-sp3 | |
| Mitel MiVoice 6940 firmware | =5.1-sp4 | |
| Mitel 6940 Firmware | ||
| Mitel 6970 firmware | <=5.0 | |
| Mitel 6970 firmware | =5.1 | |
| Mitel 6970 firmware | =5.1-sp1 | |
| Mitel 6970 firmware | =5.1-sp2 | |
| Mitel 6970 firmware | =5.1-sp3 | |
| Mitel 6970 firmware | =5.1-sp4 | |
| Mitel 6970 Conference Unit | ||
| Mitel 6930 SIP firmware | <=5.0 | |
| Mitel 6930 SIP firmware | =5.1 | |
| Mitel 6930 SIP firmware | =5.1-sp1 | |
| Mitel 6930 SIP firmware | =5.1-sp2 | |
| Mitel 6930 SIP firmware | =5.1-sp3 | |
| Mitel 6930 SIP firmware | =5.1-sp4 | |
| Mitel 6930 firmware | ||
| Mitel 6920 SIP firmware | <=5.0 | |
| Mitel 6920 SIP firmware | =5.1 | |
| Mitel 6920 SIP firmware | =5.1-sp1 | |
| Mitel 6920 SIP firmware | =5.1-sp2 | |
| Mitel 6920 SIP firmware | =5.1-sp3 | |
| Mitel 6920 SIP firmware | =5.1-sp4 | |
| Mitel 6920 SIP | ||
| Mitel 6905 SIP firmware | <=5.0 | |
| Mitel 6905 SIP firmware | =5.1 | |
| Mitel 6905 SIP firmware | =5.1-sp1 | |
| Mitel 6905 SIP firmware | =5.1-sp2 | |
| Mitel 6905 SIP firmware | =5.1-sp3 | |
| Mitel 6905 SIP firmware | =5.1-sp4 | |
| Mitel 6905 SIP | ||
| Mitel 6910 SIP firmware | <=5.0 | |
| Mitel 6910 SIP firmware | =5.1 | |
| Mitel 6910 SIP firmware | =5.1-sp1 | |
| Mitel 6910 SIP firmware | =5.1-sp2 | |
| Mitel 6910 SIP firmware | =5.1-sp3 | |
| Mitel 6910 SIP firmware | =5.1-sp4 | |
| Mitel 6910 SIP |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2020-13617?
CVE-2020-13617 has a severity rating that indicates a risk of exposing sensitive information through improper memory handling.
How do I fix CVE-2020-13617?
To fix CVE-2020-13617, you should update the affected Mitel MiVoice 6800 and 6900 series SIP Phones to firmware version 5.1.0.SP5 or later.
Which devices are impacted by CVE-2020-13617?
CVE-2020-13617 affects Mitel MiVoice 6800 and 6900 series SIP Phones with firmware versions prior to 5.1.0.SP5.
Can CVE-2020-13617 be exploited remotely?
Yes, CVE-2020-13617 can potentially be exploited by unauthenticated attackers remotely to expose sensitive information.
What should I do if I cannot update for CVE-2020-13617?
If unable to update for CVE-2020-13617, it is recommended to limit network access to the affected devices as a temporary mitigation.
- agent/type
- agent/references
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/severity
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/mitel
- canonical/mitel 6863i sip firmware
- version/mitel 6863i sip firmware/5.0
- version/mitel 6863i sip firmware/5.1
- version/mitel 6863i sip firmware/5.1-sp1
- version/mitel 6863i sip firmware/5.1-sp2
- version/mitel 6863i sip firmware/5.1-sp3
- version/mitel 6863i sip firmware/5.1-sp4
- canonical/mitel 6863 firmware
- canonical/mitel 6865i firmware
- version/mitel 6865i firmware/5.0
- version/mitel 6865i firmware/5.1
- version/mitel 6865i firmware/5.1-sp1
- version/mitel 6865i firmware/5.1-sp2
- version/mitel 6865i firmware/5.1-sp3
- version/mitel 6865i firmware/5.1-sp4
- canonical/mitel 6865i sip
- canonical/mitel 6867 firmware
- version/mitel 6867 firmware/5.0
- version/mitel 6867 firmware/5.1
- version/mitel 6867 firmware/5.1-sp1
- version/mitel 6867 firmware/5.1-sp2
- version/mitel 6867 firmware/5.1-sp3
- version/mitel 6867 firmware/5.1-sp4
- canonical/mitel 6867i sip
- canonical/mitel 6869 firmware
- version/mitel 6869 firmware/5.0
- version/mitel 6869 firmware/5.1
- version/mitel 6869 firmware/5.1-sp1
- version/mitel 6869 firmware/5.1-sp2
- version/mitel 6869 firmware/5.1-sp3
- version/mitel 6869 firmware/5.1-sp4
- canonical/mitel 6869i sip
- canonical/mitel 6873 firmware
- version/mitel 6873 firmware/5.0
- version/mitel 6873 firmware/5.1
- version/mitel 6873 firmware/5.1-sp1
- version/mitel 6873 firmware/5.1-sp2
- version/mitel 6873 firmware/5.1-sp3
- version/mitel 6873 firmware/5.1-sp4
- canonical/mitel 6873i sip
- canonical/mitel mivoice 6940 firmware
- version/mitel mivoice 6940 firmware/5.0
- version/mitel mivoice 6940 firmware/5.1
- version/mitel mivoice 6940 firmware/5.1-sp1
- version/mitel mivoice 6940 firmware/5.1-sp2
- version/mitel mivoice 6940 firmware/5.1-sp3
- version/mitel mivoice 6940 firmware/5.1-sp4
- canonical/mitel 6940 firmware
- canonical/mitel 6970 firmware
- version/mitel 6970 firmware/5.0
- version/mitel 6970 firmware/5.1
- version/mitel 6970 firmware/5.1-sp1
- version/mitel 6970 firmware/5.1-sp2
- version/mitel 6970 firmware/5.1-sp3
- version/mitel 6970 firmware/5.1-sp4
- canonical/mitel 6970 conference unit
- canonical/mitel 6930 sip firmware
- version/mitel 6930 sip firmware/5.0
- version/mitel 6930 sip firmware/5.1
- version/mitel 6930 sip firmware/5.1-sp1
- version/mitel 6930 sip firmware/5.1-sp2
- version/mitel 6930 sip firmware/5.1-sp3
- version/mitel 6930 sip firmware/5.1-sp4
- canonical/mitel 6930 firmware
- canonical/mitel 6920 sip firmware
- version/mitel 6920 sip firmware/5.0
- version/mitel 6920 sip firmware/5.1
- version/mitel 6920 sip firmware/5.1-sp1
- version/mitel 6920 sip firmware/5.1-sp2
- version/mitel 6920 sip firmware/5.1-sp3
- version/mitel 6920 sip firmware/5.1-sp4
- canonical/mitel 6920 sip
- canonical/mitel 6905 sip firmware
- version/mitel 6905 sip firmware/5.0
- version/mitel 6905 sip firmware/5.1
- version/mitel 6905 sip firmware/5.1-sp1
- version/mitel 6905 sip firmware/5.1-sp2
- version/mitel 6905 sip firmware/5.1-sp3
- version/mitel 6905 sip firmware/5.1-sp4
- canonical/mitel 6905 sip
- canonical/mitel 6910 sip firmware
- version/mitel 6910 sip firmware/5.0
- version/mitel 6910 sip firmware/5.1
- version/mitel 6910 sip firmware/5.1-sp1
- version/mitel 6910 sip firmware/5.1-sp2
- version/mitel 6910 sip firmware/5.1-sp3
- version/mitel 6910 sip firmware/5.1-sp4
- canonical/mitel 6910 sip