← Volver a CVEs

CVE-2022-26143

CRITICALCISA KEV

9.8

Descripcion

The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic). This was exploited in the wild in February and March 2022 for the TP240PhoneHome DDoS attack.

Detalles CVE

Puntuacion CVSS v3.19.8

SeveridadCRITICAL

Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vector de ataqueNETWORK

ComplejidadLOW

Privilegios requeridosNONE

Interaccion usuarioNONE

Publicado3/10/2022

Ultima modificacion11/3/2025

Fuentekev

Avistamientos honeypot0

CISA KEV

VendedorMitel

ProductoMiCollab, MiVoice Business Express

Nombre vulnerabilidadMiCollab, MiVoice Business Express Access Control Vulnerability

Fecha inclusion KEV2022-03-25

Fecha limite remediacion2022-04-15

Uso en ransomwareUnknown

Productos afectados

mitel:micollabmitel:mivoice_business_express

Debilidades (CWE)

CWE-306CWE-306

Referencias

https://arstechnica.com/information-technology/2022/03/ddosers-use-new-method-capable-of-amplifying-traffic-by-a-factor-of-4-billion/(cve@mitre.org)

https://blog.cloudflare.com/cve-2022-26143/(cve@mitre.org)

https://news.ycombinator.com/item?id=30614073(cve@mitre.org)

https://team-cymru.com/blog/2022/03/08/record-breaking-ddos-potential-discovered-cve-2022-26143/(cve@mitre.org)

https://www.akamai.com/blog/security/phone-home-ddos-attack-vector(cve@mitre.org)

https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-22-0001(cve@mitre.org)

https://www.shadowserver.org/news/cve-2022-26143-tp240phonehome-reflection-amplification-ddos-attack-vector/(cve@mitre.org)

https://arstechnica.com/information-technology/2022/03/ddosers-use-new-method-capable-of-amplifying-traffic-by-a-factor-of-4-billion/(af854a3a-2127-422b-91ae-364da2661108)

https://blog.cloudflare.com/cve-2022-26143/(af854a3a-2127-422b-91ae-364da2661108)

https://news.ycombinator.com/item?id=30614073(af854a3a-2127-422b-91ae-364da2661108)

https://team-cymru.com/blog/2022/03/08/record-breaking-ddos-potential-discovered-cve-2022-26143/(af854a3a-2127-422b-91ae-364da2661108)

https://www.akamai.com/blog/security/phone-home-ddos-attack-vector(af854a3a-2127-422b-91ae-364da2661108)

https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-22-0001(af854a3a-2127-422b-91ae-364da2661108)

https://www.shadowserver.org/news/cve-2022-26143-tp240phonehome-reflection-amplification-ddos-attack-vector/(af854a3a-2127-422b-91ae-364da2661108)

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26143(134c704f-9b21-4f2e-91b3-4a467353bcc0)

Correlaciones IOC

Sin correlaciones registradas

This product uses data from the NVD API but is not endorsed or certified by the NVD.