8.1
CVE-2020-27639
- EPSS 0.29%
- Published 18.12.2020 08:15:14
- Last modified 21.11.2024 05:21:34
- Source cve@mitre.org
- Teams watchlist Login
- Open Login
The Bluetooth handset of Mitel MiVoice 6873i, 6930, and 6940 SIP phones with firmware before 5.1.0.SP6 could allow an unauthenticated attacker within Bluetooth range to pair a rogue Bluetooth device when a phone handset loses connection, due to an improper pairing mechanism. A successful exploit could allow an attacker to eavesdrop on conversations.
Data is provided by the National Vulnerability Database (NVD)
Mitel ≫ 6873i Sip Firmware Version < 5.1.0
Mitel ≫ 6873i Sip Firmware Version5.1.0 Update-
Mitel ≫ 6873i Sip Firmware Version5.1.0 Updatesp1
Mitel ≫ 6873i Sip Firmware Version5.1.0 Updatesp2
Mitel ≫ 6873i Sip Firmware Version5.1.0 Updatesp3
Mitel ≫ 6873i Sip Firmware Version5.1.0 Updatesp4
Mitel ≫ 6873i Sip Firmware Version5.1.0 Updatesp5
Mitel ≫ 6930 Sip Firmware Version < 5.1.0
Mitel ≫ 6930 Sip Firmware Version5.1.0 Update-
Mitel ≫ 6930 Sip Firmware Version5.1.0 Updatesp1
Mitel ≫ 6930 Sip Firmware Version5.1.0 Updatesp2
Mitel ≫ 6930 Sip Firmware Version5.1.0 Updatesp3
Mitel ≫ 6930 Sip Firmware Version5.1.0 Updatesp4
Mitel ≫ 6930 Sip Firmware Version5.1.0 Updatesp5
Mitel ≫ 6940 Sip Firmware Version < 5.1.0
Mitel ≫ 6940 Sip Firmware Version5.1.0 Update-
Mitel ≫ 6940 Sip Firmware Version5.1.0 Updatesp1
Mitel ≫ 6940 Sip Firmware Version5.1.0 Updatesp2
Mitel ≫ 6940 Sip Firmware Version5.1.0 Updatesp3
Mitel ≫ 6940 Sip Firmware Version5.1.0 Updatesp4
Mitel ≫ 6940 Sip Firmware Version5.1.0 Updatesp5
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.29% | 0.488 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 8.1 | 2.8 | 5.2 |
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
|
| nvd@nist.gov | 4.8 | 6.5 | 4.9 |
AV:A/AC:L/Au:N/C:P/I:N/A:P
|