High severity7.3NVD Advisory· Published Feb 6, 2025· Updated Apr 15, 2026

CVE-2025-23094

Description

The Platform component of Mitel OpenScape 4000 and OpenScape 4000 Manager V11 R0.22.0 through V11 R0.22.1, V10 R1.54.0 through V10 R1.54.1, and V10 R1.42.6 and earlier could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary commands within the same privilege level as the web access process.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0001nvd

News mentions

No linked articles in our index yet.

cvss	0.474
epss	0.002
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000