The Bluetooth handset of Mitel MiVoice 6873i, 6930, and 6940 SIP phones with firmware before 5.1.0.SP6 could allow an unauthenticated attacker within Bluetooth range to pair a rogue Bluetooth device when a phone handset loses connection, due to an improper pairing mechanism. A successful exploit could allow an attacker to eavesdrop on conversations.
2020-12-18T08:15:14.937
2024-11-21T05:21:34.020
Modified
CVSSv3.1: 8.1 (HIGH)
AV:A/AC:L/Au:N/C:P/I:N/A:P
6.5
4.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | mitel | 6873i_sip_firmware | < 5.1.0 | Yes |
| Operating System | mitel | 6873i_sip_firmware | 5.1.0 | Yes |
| Operating System | mitel | 6873i_sip_firmware | 5.1.0 | Yes |
| Operating System | mitel | 6873i_sip_firmware | 5.1.0 | Yes |
| Operating System | mitel | 6873i_sip_firmware | 5.1.0 | Yes |
| Operating System | mitel | 6873i_sip_firmware | 5.1.0 | Yes |
| Operating System | mitel | 6873i_sip_firmware | 5.1.0 | Yes |
| Hardware | mitel | 6873i_sip | - | No |
| Operating System | mitel | 6930_sip_firmware | < 5.1.0 | Yes |
| Operating System | mitel | 6930_sip_firmware | 5.1.0 | Yes |
| Operating System | mitel | 6930_sip_firmware | 5.1.0 | Yes |
| Operating System | mitel | 6930_sip_firmware | 5.1.0 | Yes |
| Operating System | mitel | 6930_sip_firmware | 5.1.0 | Yes |
| Operating System | mitel | 6930_sip_firmware | 5.1.0 | Yes |
| Operating System | mitel | 6930_sip_firmware | 5.1.0 | Yes |
| Hardware | mitel | 6930_sip | - | No |
| Operating System | mitel | 6940_sip_firmware | < 5.1.0 | Yes |
| Operating System | mitel | 6940_sip_firmware | 5.1.0 | Yes |
| Operating System | mitel | 6940_sip_firmware | 5.1.0 | Yes |
| Operating System | mitel | 6940_sip_firmware | 5.1.0 | Yes |
| Operating System | mitel | 6940_sip_firmware | 5.1.0 | Yes |
| Operating System | mitel | 6940_sip_firmware | 5.1.0 | Yes |
| Operating System | mitel | 6940_sip_firmware | 5.1.0 | Yes |
| Hardware | mitel | 6940_sip | - | No |