CVE-2025-23094

CVSS 3.1 Score 7.3 of 10 (high)

Details

Published Feb 6, 2025

Updated: Feb 11, 2025

CWE ID 77

Summary

CVE-2025-23094 is a vulnerability affecting Mitel OpenScape 4000 and OpenScape 4000 Manager versions V11 R0.22.0 through V11 R0.22.1, V10 R1.54.0 through V10 R1.54.1, and V10 R1.42.6 and earlier. An attacker can exploit this issue by injecting commands due to insufficient parameter sanitization in the Platform component. This vulnerability allows an unauthenticated adversary to execute arbitrary commands with the same privileges as the web access process. Successful exploitation could lead to significant security implications for affected organizations.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2XL00a
https://www.cve.org/CVERecord?id=CVE-2025-23094
https://nvd.nist.gov/vuln/detail/CVE-2025-23094

Back to Vulnerability Database

CVE-2025-23094

CVSS 3.1 Score 7.3 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations