The TP-240 (aka tp240dvr) component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service (performance degradation and excessive outbound traffic). This was exploited in the wild in February and March 2022 for the TP240PhoneHome DDoS attack.
References
Link | Resource |
---|---|
https://arstechnica.com/information-technology/2022/03/ddosers-use-new-method-capable-of-amplifying-traffic-by-a-factor-of-4-billion/ | Exploit Press/Media Coverage Third Party Advisory |
https://blog.cloudflare.com/cve-2022-26143/ | Mitigation Third Party Advisory |
https://news.ycombinator.com/item?id=30614073 | Issue Tracking Third Party Advisory |
https://team-cymru.com/blog/2022/03/08/record-breaking-ddos-potential-discovered-cve-2022-26143/ | Mitigation Third Party Advisory |
https://www.akamai.com/blog/security/phone-home-ddos-attack-vector | Mitigation Third Party Advisory |
https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-22-0001 | Vendor Advisory |
https://www.shadowserver.org/news/cve-2022-26143-tp240phonehome-reflection-amplification-ddos-attack-vector/ | Mitigation Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
08 Aug 2023, 14:21
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-306 |
18 Mar 2022, 19:52
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://arstechnica.com/information-technology/2022/03/ddosers-use-new-method-capable-of-amplifying-traffic-by-a-factor-of-4-billion/ - Exploit, Press/Media Coverage, Third Party Advisory | |
References | (MISC) https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-22-0001 - Vendor Advisory | |
References | (MISC) https://www.akamai.com/blog/security/phone-home-ddos-attack-vector - Mitigation, Third Party Advisory | |
References | (MISC) https://news.ycombinator.com/item?id=30614073 - Issue Tracking, Third Party Advisory | |
References | (MISC) https://team-cymru.com/blog/2022/03/08/record-breaking-ddos-potential-discovered-cve-2022-26143/ - Mitigation, Third Party Advisory | |
References | (MISC) https://www.shadowserver.org/news/cve-2022-26143-tp240phonehome-reflection-amplification-ddos-attack-vector/ - Mitigation, Third Party Advisory | |
References | (MISC) https://blog.cloudflare.com/cve-2022-26143/ - Mitigation, Third Party Advisory | |
CPE | cpe:2.3:a:mitel:micollab:9.4:-:*:*:*:-:*:* cpe:2.3:a:mitel:micollab:*:*:*:*:*:-:*:* cpe:2.3:a:mitel:mivoice_business_express:*:*:*:*:*:*:*:* cpe:2.3:a:mitel:micollab:9.4:sp1:*:*:*:-:*:* |
|
CWE | CWE-863 | |
CVSS |
v2 : v3 : |
v2 : 9.0
v3 : 9.8 |
First Time |
Mitel micollab
Mitel mivoice Business Express Mitel |
10 Mar 2022, 17:53
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-10 17:47
Updated : 2023-12-10 14:22
NVD link : CVE-2022-26143
Mitre link : CVE-2022-26143
CVE.ORG link : CVE-2022-26143
JSON object : View
Products Affected
mitel
- mivoice_business_express
- micollab
CWE
CWE-306
Missing Authentication for Critical Function