CVE-2025-47187 – Mitel SIP Phones File Upload Vulnerability

CVE ID : CVE-2025-47187

Published : July 23, 2025, 7:15 p.m. | 1 hour, 45 minutes ago

Description : A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit through 6.4 SP4, could allow an unauthenticated attacker to perform a file upload attack due to missing authentication mechanisms. A successful exploit could allow an attacker to upload arbitrary WAV files, which may potentially exhaust the phone’s storage without affecting the phone’s availability or operation.

Severity: 7.5 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…