← Back to CVEs
CVE-2022-26143
CRITICALCISA KEV9.8
Description
The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic). This was exploited in the wild in February and March 2022 for the TP240PhoneHome DDoS attack.
CVE Details
CVSS v3.1 Score9.8
SeverityCRITICAL
CVSS VectorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorNETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published3/10/2022
Last Modified11/3/2025
Sourcekev
Honeypot Sightings0
CISA KEV
VendorMitel
ProductMiCollab, MiVoice Business Express
Vulnerability NameMiCollab, MiVoice Business Express Access Control Vulnerability
KEV Date Added2022-03-25
Remediation Due Date2022-04-15
Ransomware UseUnknown
Affected Products
mitel:micollabmitel:mivoice_business_express
Weaknesses (CWE)
CWE-306CWE-306
References
https://arstechnica.com/information-technology/2022/03/ddosers-use-new-method-capable-of-amplifying-traffic-by-a-factor-of-4-billion/(cve@mitre.org)
https://blog.cloudflare.com/cve-2022-26143/(cve@mitre.org)
https://news.ycombinator.com/item?id=30614073(cve@mitre.org)
https://team-cymru.com/blog/2022/03/08/record-breaking-ddos-potential-discovered-cve-2022-26143/(cve@mitre.org)
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-22-0001(cve@mitre.org)
https://www.shadowserver.org/news/cve-2022-26143-tp240phonehome-reflection-amplification-ddos-attack-vector/(cve@mitre.org)
https://arstechnica.com/information-technology/2022/03/ddosers-use-new-method-capable-of-amplifying-traffic-by-a-factor-of-4-billion/(af854a3a-2127-422b-91ae-364da2661108)
https://blog.cloudflare.com/cve-2022-26143/(af854a3a-2127-422b-91ae-364da2661108)
https://news.ycombinator.com/item?id=30614073(af854a3a-2127-422b-91ae-364da2661108)
https://team-cymru.com/blog/2022/03/08/record-breaking-ddos-potential-discovered-cve-2022-26143/(af854a3a-2127-422b-91ae-364da2661108)
https://www.akamai.com/blog/security/phone-home-ddos-attack-vector(af854a3a-2127-422b-91ae-364da2661108)
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-22-0001(af854a3a-2127-422b-91ae-364da2661108)
https://www.shadowserver.org/news/cve-2022-26143-tp240phonehome-reflection-amplification-ddos-attack-vector/(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-26143(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.