Mitel

In January 2025, a variant of the Mirai-based botnet Aquabot, known as Aquabotv3, began targeting Mitel SIP phones by exploiting the CVE-2024-41710 vulnerability in models 6800, 6900, and 6900w series including the 6970 Conference Unit. This vulnerability, discovered by researchers, could allow an attacker with administrative privilege to conduct command injection attacks. Mitel had released firmware updates in mid-2024 to address the issue. Before this, no attacks exploiting this flaw were reported. Aquabotv3's unique signal handling suggests the attackers might be preparing for more stealthy and possibly undetectable future variants. As a Mitel-based product, the affected SIP phones could be part of critical communication systems, and their compromise could lead to significant disruptions.

Source: https://securityaffairs.com/173607/breaking-news/aquabot-variant-v3-targets-mitel-sip-phones.html

"id": "mit000013125",
"linkid": "mitel",
"type": "Vulnerability",
"date": "1/2025",
"severity": "25",
"impact": "1",
"explanation": "Attack without any consequences"