CVE-2024-41710CISA KEVEPSS p98.5%

CVE-2024-41710Mitel SIP Phones Argument Injection Vulnerability

Mitel / SIP Phones

Description

Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit, contain an argument injection vulnerability due to insufficient parameter sanitization during the boot process. Successful exploitation may allow an attacker to execute arbitrary commands within the context of the system.

Scoring

EPSS41.20% probability of exploitation · percentile 98.5% · 2026-06-18T12:00:27Z

CISA KEV entry

Added to KEV: 2025-02-12

(incoming)1

TypeTargetConfidenceTier
KEVEntryMitel SIP Phones Argument Injection Vulnerabilitykev-cve-2024-417100%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2022-40765
CVE
Mitel MiVoice Connect Data Validation Vulnerability
CVE
CVE-2022-41223
CVE
CVE-2025-52914
CVE
Mitel MiCollab Path Traversal Vulnerability
CVE
Cisco IP Phones Web Server Remote Code Execution and Denial-of-Service Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.