Mitel 6800 and 6900 SIP Series Phones: SRTP 128-bit Key Length Vulnerability

Mitel 6800 and 6900 SIP Series Phones: SRTP 128-bit Key Length Vulnerability

CVE-2019-18863 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900 SIP series phones, versions 5.1.0.2051 SP2 and earlier, could allow an attacker to launch a man-in-the-middle attack when SRTP is used in a call. A successful exploit may allow the attacker to intercept sensitive information.

Learn more about our Web Application Penetration Testing UK.