4.3

CVE-2007-5637

Exploit

EPSS 11.67%
Published 23.10.2007 17:46:00
Last modified 09.04.2025 00:30:58
Source cve@mitre.org
Teams watchlist Login
Open Login

The Nortel UNIStim IP Softphone 2050, IP Phone 1140E, and additional Nortel products from the IP Phone, Business Communications Manager (BCM), and other product lines allow remote attackers to eavesdrop on the physical environment via an Open Audio Stream message that enables "surveillance mode." NOTE: issues relating to a small ID number space can be leveraged to make this attack easier.

Affected products Warnungen 0 Metrics 2 CWE 1 References 12

Data is provided by the National Vulnerability Database (NVD)

Nortel ≫ Business Communications Manager Version50

   Nortel ≫ Multimedia Communication Server 5100
   Nortel ≫ Multimedia Communication Server 5200
   Nortel ≫ Communications Server Version1000e
   Nortel ≫ Communications Server Version1000m
   Nortel ≫ Communications Server Version1000s
   Nortel ≫ Communications Server Version2100
   Nortel ≫ Ip Audio Conference Phone 2033
   Nortel ≫ Ip Phone 1110
   Nortel ≫ Ip Phone 1120e
   Nortel ≫ Ip Phone 1140e
   Nortel ≫ Ip Phone 1150e
   Nortel ≫ Ip Phone 2001
   Nortel ≫ Ip Phone 2002
   Nortel ≫ Ip Phone 2004
   Nortel ≫ Ip Phone 2007
   Nortel ≫ Wlan Handset 2210
   Nortel ≫ Wlan Handset 2211
   Nortel ≫ Wlan Handset 2212
   Nortel ≫ Wlan Handset 6120
   Nortel ≫ Wlan Handset 6140

Nortel ≫ Business Communications Manager Version50a

   Nortel ≫ Multimedia Communication Server 5100
   Nortel ≫ Multimedia Communication Server 5200
   Nortel ≫ Communications Server Version1000e
   Nortel ≫ Communications Server Version1000m
   Nortel ≫ Communications Server Version1000s
   Nortel ≫ Communications Server Version2100
   Nortel ≫ Ip Audio Conference Phone 2033
   Nortel ≫ Ip Phone 1110
   Nortel ≫ Ip Phone 1120e
   Nortel ≫ Ip Phone 1140e
   Nortel ≫ Ip Phone 1150e
   Nortel ≫ Ip Phone 2001
   Nortel ≫ Ip Phone 2002
   Nortel ≫ Ip Phone 2004
   Nortel ≫ Ip Phone 2007
   Nortel ≫ Wlan Handset 2210
   Nortel ≫ Wlan Handset 2211
   Nortel ≫ Wlan Handset 2212
   Nortel ≫ Wlan Handset 6120
   Nortel ≫ Wlan Handset 6140

Nortel ≫ Business Communications Manager Version50e

   Nortel ≫ Multimedia Communication Server 5100
   Nortel ≫ Multimedia Communication Server 5200
   Nortel ≫ Communications Server Version1000e
   Nortel ≫ Communications Server Version1000m
   Nortel ≫ Communications Server Version1000s
   Nortel ≫ Communications Server Version2100
   Nortel ≫ Ip Audio Conference Phone 2033
   Nortel ≫ Ip Phone 1110
   Nortel ≫ Ip Phone 1120e
   Nortel ≫ Ip Phone 1140e
   Nortel ≫ Ip Phone 1150e
   Nortel ≫ Ip Phone 2001
   Nortel ≫ Ip Phone 2002
   Nortel ≫ Ip Phone 2004
   Nortel ≫ Ip Phone 2007
   Nortel ≫ Wlan Handset 2210
   Nortel ≫ Wlan Handset 2211
   Nortel ≫ Wlan Handset 2212
   Nortel ≫ Wlan Handset 6120
   Nortel ≫ Wlan Handset 6140

Nortel ≫ Business Communications Manager Version200

   Nortel ≫ Multimedia Communication Server 5100
   Nortel ≫ Multimedia Communication Server 5200
   Nortel ≫ Communications Server Version1000e
   Nortel ≫ Communications Server Version1000m
   Nortel ≫ Communications Server Version1000s
   Nortel ≫ Communications Server Version2100
   Nortel ≫ Ip Audio Conference Phone 2033
   Nortel ≫ Ip Phone 1110
   Nortel ≫ Ip Phone 1120e
   Nortel ≫ Ip Phone 1140e
   Nortel ≫ Ip Phone 1150e
   Nortel ≫ Ip Phone 2001
   Nortel ≫ Ip Phone 2002
   Nortel ≫ Ip Phone 2004
   Nortel ≫ Ip Phone 2007
   Nortel ≫ Wlan Handset 2210
   Nortel ≫ Wlan Handset 2211
   Nortel ≫ Wlan Handset 2212
   Nortel ≫ Wlan Handset 6120
   Nortel ≫ Wlan Handset 6140

Nortel ≫ Business Communications Manager Version400

   Nortel ≫ Multimedia Communication Server 5100
   Nortel ≫ Multimedia Communication Server 5200
   Nortel ≫ Communications Server Version1000e
   Nortel ≫ Communications Server Version1000m
   Nortel ≫ Communications Server Version1000s
   Nortel ≫ Communications Server Version2100
   Nortel ≫ Ip Audio Conference Phone 2033
   Nortel ≫ Ip Phone 1110
   Nortel ≫ Ip Phone 1120e
   Nortel ≫ Ip Phone 1140e
   Nortel ≫ Ip Phone 1150e
   Nortel ≫ Ip Phone 2001
   Nortel ≫ Ip Phone 2002
   Nortel ≫ Ip Phone 2004
   Nortel ≫ Ip Phone 2007
   Nortel ≫ Wlan Handset 2210
   Nortel ≫ Wlan Handset 2211
   Nortel ≫ Wlan Handset 2212
   Nortel ≫ Wlan Handset 6120
   Nortel ≫ Wlan Handset 6140

Nortel ≫ Business Communications Manager Version1000

   Nortel ≫ Multimedia Communication Server 5100
   Nortel ≫ Multimedia Communication Server 5200
   Nortel ≫ Communications Server Version1000e
   Nortel ≫ Communications Server Version1000m
   Nortel ≫ Communications Server Version1000s
   Nortel ≫ Communications Server Version2100
   Nortel ≫ Ip Audio Conference Phone 2033
   Nortel ≫ Ip Phone 1110
   Nortel ≫ Ip Phone 1120e
   Nortel ≫ Ip Phone 1140e
   Nortel ≫ Ip Phone 1150e
   Nortel ≫ Ip Phone 2001
   Nortel ≫ Ip Phone 2002
   Nortel ≫ Ip Phone 2004
   Nortel ≫ Ip Phone 2007
   Nortel ≫ Wlan Handset 2210
   Nortel ≫ Wlan Handset 2211
   Nortel ≫ Wlan Handset 2212
   Nortel ≫ Wlan Handset 6120
   Nortel ≫ Wlan Handset 6140

Nortel ≫ Business Communications Manager Versionsrg50

   Nortel ≫ Multimedia Communication Server 5100
   Nortel ≫ Multimedia Communication Server 5200
   Nortel ≫ Communications Server Version1000e
   Nortel ≫ Communications Server Version1000m
   Nortel ≫ Communications Server Version1000s
   Nortel ≫ Communications Server Version2100
   Nortel ≫ Ip Audio Conference Phone 2033
   Nortel ≫ Ip Phone 1110
   Nortel ≫ Ip Phone 1120e
   Nortel ≫ Ip Phone 1140e
   Nortel ≫ Ip Phone 1150e
   Nortel ≫ Ip Phone 2001
   Nortel ≫ Ip Phone 2002
   Nortel ≫ Ip Phone 2004
   Nortel ≫ Ip Phone 2007
   Nortel ≫ Wlan Handset 2210
   Nortel ≫ Wlan Handset 2211
   Nortel ≫ Wlan Handset 2212
   Nortel ≫ Wlan Handset 6120
   Nortel ≫ Wlan Handset 6140

Nortel ≫ Business Communications Manager Versionsrg200

   Nortel ≫ Multimedia Communication Server 5100
   Nortel ≫ Multimedia Communication Server 5200
   Nortel ≫ Communications Server Version1000e
   Nortel ≫ Communications Server Version1000m
   Nortel ≫ Communications Server Version1000s
   Nortel ≫ Communications Server Version2100
   Nortel ≫ Ip Audio Conference Phone 2033
   Nortel ≫ Ip Phone 1110
   Nortel ≫ Ip Phone 1120e
   Nortel ≫ Ip Phone 1140e
   Nortel ≫ Ip Phone 1150e
   Nortel ≫ Ip Phone 2001
   Nortel ≫ Ip Phone 2002
   Nortel ≫ Ip Phone 2004
   Nortel ≫ Ip Phone 2007
   Nortel ≫ Wlan Handset 2210
   Nortel ≫ Wlan Handset 2211
   Nortel ≫ Wlan Handset 2212
   Nortel ≫ Wlan Handset 6120
   Nortel ≫ Wlan Handset 6140

Nortel ≫ Centrex Ip Client Manager

   Nortel ≫ Multimedia Communication Server 5100
   Nortel ≫ Multimedia Communication Server 5200
   Nortel ≫ Communications Server Version1000e
   Nortel ≫ Communications Server Version1000m
   Nortel ≫ Communications Server Version1000s
   Nortel ≫ Communications Server Version2100
   Nortel ≫ Ip Audio Conference Phone 2033
   Nortel ≫ Ip Phone 1110
   Nortel ≫ Ip Phone 1120e
   Nortel ≫ Ip Phone 1140e
   Nortel ≫ Ip Phone 1150e
   Nortel ≫ Ip Phone 2001
   Nortel ≫ Ip Phone 2002
   Nortel ≫ Ip Phone 2004
   Nortel ≫ Ip Phone 2007
   Nortel ≫ Wlan Handset 2210
   Nortel ≫ Wlan Handset 2211
   Nortel ≫ Wlan Handset 2212
   Nortel ≫ Wlan Handset 6120
   Nortel ≫ Wlan Handset 6140

Nortel ≫ Centrex Ip Element Manager

   Nortel ≫ Multimedia Communication Server 5100
   Nortel ≫ Multimedia Communication Server 5200
   Nortel ≫ Communications Server Version1000e
   Nortel ≫ Communications Server Version1000m
   Nortel ≫ Communications Server Version1000s
   Nortel ≫ Communications Server Version2100
   Nortel ≫ Ip Audio Conference Phone 2033
   Nortel ≫ Ip Phone 1110
   Nortel ≫ Ip Phone 1120e
   Nortel ≫ Ip Phone 1140e
   Nortel ≫ Ip Phone 1150e
   Nortel ≫ Ip Phone 2001
   Nortel ≫ Ip Phone 2002
   Nortel ≫ Ip Phone 2004
   Nortel ≫ Ip Phone 2007
   Nortel ≫ Wlan Handset 2210
   Nortel ≫ Wlan Handset 2211
   Nortel ≫ Wlan Handset 2212
   Nortel ≫ Wlan Handset 6120
   Nortel ≫ Wlan Handset 6140

Nortel ≫ Meridian Option 11c

   Nortel ≫ Multimedia Communication Server 5100
   Nortel ≫ Multimedia Communication Server 5200
   Nortel ≫ Communications Server Version1000e
   Nortel ≫ Communications Server Version1000m
   Nortel ≫ Communications Server Version1000s
   Nortel ≫ Communications Server Version2100
   Nortel ≫ Ip Audio Conference Phone 2033
   Nortel ≫ Ip Phone 1110
   Nortel ≫ Ip Phone 1120e
   Nortel ≫ Ip Phone 1140e
   Nortel ≫ Ip Phone 1150e
   Nortel ≫ Ip Phone 2001
   Nortel ≫ Ip Phone 2002
   Nortel ≫ Ip Phone 2004
   Nortel ≫ Ip Phone 2007
   Nortel ≫ Wlan Handset 2210
   Nortel ≫ Wlan Handset 2211
   Nortel ≫ Wlan Handset 2212
   Nortel ≫ Wlan Handset 6120
   Nortel ≫ Wlan Handset 6140

Nortel ≫ Meridian Option 51c

   Nortel ≫ Multimedia Communication Server 5100
   Nortel ≫ Multimedia Communication Server 5200
   Nortel ≫ Communications Server Version1000e
   Nortel ≫ Communications Server Version1000m
   Nortel ≫ Communications Server Version1000s
   Nortel ≫ Communications Server Version2100
   Nortel ≫ Ip Audio Conference Phone 2033
   Nortel ≫ Ip Phone 1110
   Nortel ≫ Ip Phone 1120e
   Nortel ≫ Ip Phone 1140e
   Nortel ≫ Ip Phone 1150e
   Nortel ≫ Ip Phone 2001
   Nortel ≫ Ip Phone 2002
   Nortel ≫ Ip Phone 2004
   Nortel ≫ Ip Phone 2007
   Nortel ≫ Wlan Handset 2210
   Nortel ≫ Wlan Handset 2211
   Nortel ≫ Wlan Handset 2212
   Nortel ≫ Wlan Handset 6120
   Nortel ≫ Wlan Handset 6140

Nortel ≫ Meridian Option 61c

   Nortel ≫ Multimedia Communication Server 5100
   Nortel ≫ Multimedia Communication Server 5200
   Nortel ≫ Communications Server Version1000e
   Nortel ≫ Communications Server Version1000m
   Nortel ≫ Communications Server Version1000s
   Nortel ≫ Communications Server Version2100
   Nortel ≫ Ip Audio Conference Phone 2033
   Nortel ≫ Ip Phone 1110
   Nortel ≫ Ip Phone 1120e
   Nortel ≫ Ip Phone 1140e
   Nortel ≫ Ip Phone 1150e
   Nortel ≫ Ip Phone 2001
   Nortel ≫ Ip Phone 2002
   Nortel ≫ Ip Phone 2004
   Nortel ≫ Ip Phone 2007
   Nortel ≫ Wlan Handset 2210
   Nortel ≫ Wlan Handset 2211
   Nortel ≫ Wlan Handset 2212
   Nortel ≫ Wlan Handset 6120
   Nortel ≫ Wlan Handset 6140

Nortel ≫ Meridian Option 81c

   Nortel ≫ Multimedia Communication Server 5100
   Nortel ≫ Multimedia Communication Server 5200
   Nortel ≫ Communications Server Version1000e
   Nortel ≫ Communications Server Version1000m
   Nortel ≫ Communications Server Version1000s
   Nortel ≫ Communications Server Version2100
   Nortel ≫ Ip Audio Conference Phone 2033
   Nortel ≫ Ip Phone 1110
   Nortel ≫ Ip Phone 1120e
   Nortel ≫ Ip Phone 1140e
   Nortel ≫ Ip Phone 1150e
   Nortel ≫ Ip Phone 2001
   Nortel ≫ Ip Phone 2002
   Nortel ≫ Ip Phone 2004
   Nortel ≫ Ip Phone 2007
   Nortel ≫ Wlan Handset 2210
   Nortel ≫ Wlan Handset 2211
   Nortel ≫ Wlan Handset 2212
   Nortel ≫ Wlan Handset 6120
   Nortel ≫ Wlan Handset 6140

Nortel ≫ Meridian Sl100 Versioncs2100

   Nortel ≫ Multimedia Communication Server 5100
   Nortel ≫ Multimedia Communication Server 5200
   Nortel ≫ Communications Server Version1000e
   Nortel ≫ Communications Server Version1000m
   Nortel ≫ Communications Server Version1000s
   Nortel ≫ Communications Server Version2100
   Nortel ≫ Ip Audio Conference Phone 2033
   Nortel ≫ Ip Phone 1110
   Nortel ≫ Ip Phone 1120e
   Nortel ≫ Ip Phone 1140e
   Nortel ≫ Ip Phone 1150e
   Nortel ≫ Ip Phone 2001
   Nortel ≫ Ip Phone 2002
   Nortel ≫ Ip Phone 2004
   Nortel ≫ Ip Phone 2007
   Nortel ≫ Wlan Handset 2210
   Nortel ≫ Wlan Handset 2211
   Nortel ≫ Wlan Handset 2212
   Nortel ≫ Wlan Handset 6120
   Nortel ≫ Wlan Handset 6140

Nortel ≫ Mobile Voice Client 2050

   Nortel ≫ Multimedia Communication Server 5100
   Nortel ≫ Multimedia Communication Server 5200
   Nortel ≫ Communications Server Version1000e
   Nortel ≫ Communications Server Version1000m
   Nortel ≫ Communications Server Version1000s
   Nortel ≫ Communications Server Version2100
   Nortel ≫ Ip Audio Conference Phone 2033
   Nortel ≫ Ip Phone 1110
   Nortel ≫ Ip Phone 1120e
   Nortel ≫ Ip Phone 1140e
   Nortel ≫ Ip Phone 1150e
   Nortel ≫ Ip Phone 2001
   Nortel ≫ Ip Phone 2002
   Nortel ≫ Ip Phone 2004
   Nortel ≫ Ip Phone 2007
   Nortel ≫ Wlan Handset 2210
   Nortel ≫ Wlan Handset 2211
   Nortel ≫ Wlan Handset 2212
   Nortel ≫ Wlan Handset 6120
   Nortel ≫ Wlan Handset 6140

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	11.67%	0.932

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	4.3	8.6	2.9	AV:N/AC:M/Au:N/C:P/I:N/A:N

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

http://osvdb.org/41769

http://secunia.com/advisories/27234

Vendor Advisory

http://securityreason.com/securityalert/3272

http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=654714

Patch

http://www.csnc.ch/static/advisory/csnc/nortel_IP_phone_surveillance_mode_v1.0.txt

http://www.securityfocus.com/archive/1/482478/100/0/threaded

http://www.securityfocus.com/bid/26120

Patch

Exploit

http://www116.nortel.com/pub/repository/CLARIFY/DOCUMENT/2007/42/022870-01.pdf

https://exchange.xforce.ibmcloud.com/vulnerabilities/37255

https://nvd.nist.gov/vuln/detail/CVE-2007-5637

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2007-5637

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2007-5637

EUVD