Mitel
Company Details
Linkedin ID:
mitel
Website:
Employees number:
3,913
Number of followers:
110,761
NAICS:
517
Industry Type:
Homepage:
mitel.com
IP Addresses:
0
Company ID:
MIT_2761140
Scan Status:
In-progress
Mitel Company CyberSecurity Posture
mitel.com
Powering more than 2 billion connections every day, Mitel helps businesses connect, collaborate and take care of customers.
Mitel A.I CyberSecurity Scoring
Mitel Risk Score (AI oriented)Between 750 and 799
Mitel
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Mitel Global Score (TPRM)XXXX
Mitel
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Mitel Company CyberSecurity News & History
Past Incidents
3
Attack Types
2
Mitel
Cyber Attack
Rankiteo Explanation
Attack without any consequences
Description: Mitel SIP phones experienced a variant of Mirai-based Aquabotv3 botnet attack, targeting a vulnerability (CVE-2024-41710) across several models, including the 6970 Conference Unit up to firmware version R6.4.0.HF1. This attack allowed Aquabotv3 to recruit the phones into a DDoS botnet potentially disrupting communications. Mitel had issued firmware updates to address this issue, but the emergence of PoC exploit code and subsequent attack highlights the ongoing threat to IoT devices. The attack could lead to operational disruptions and compromise the confidentiality and integrity of communications.
Mitel
Vulnerability
Rankiteo Explanation
Attack without any consequences
Description: In January 2025, a variant of the Mirai-based botnet Aquabot, known as Aquabotv3, began targeting Mitel SIP phones by exploiting the CVE-2024-41710 vulnerability in models 6800, 6900, and 6900w series including the 6970 Conference Unit. This vulnerability, discovered by researchers, could allow an attacker with administrative privilege to conduct command injection attacks. Mitel had released firmware updates in mid-2024 to address the issue. Before this, no attacks exploiting this flaw were reported. Aquabotv3's unique signal handling suggests the attackers might be preparing for more stealthy and possibly undetectable future variants. As a Mitel-based product, the affected SIP phones could be part of critical communication systems, and their compromise could lead to significant disruptions.
Mitel
Vulnerability
Rankiteo Explanation
Attack threatening the economy of a geographical region
Description: The Lorenz ransomware gang used a critical vulnerability in Mitel MiVoice VOIP appliances to breach enterprises, using their phone systems for initial access to their corporate networks. Lorenz exploited CVE-2022-29499, a remote code execution vulnerability impacting the Mitel Service Appliance component of MiVoice Connect, and obtained a reverse shell and subsequently used Chisel as a tunnelling tool to pivot into the environment. These devices are used by organizations in critical sectors worldwide (including government agencies), with over 19,000 devices currently exposed to attacks over the Internet. Though Mitel has addressed the vulnerability by releasing security patches in early June 2022 after releasing a remediation script for affected MiVoice Connect versions in April, the threat actors recently exploited other security flaws impacting Mitel devices in record-breaking DDoS amplification attacks.
Mitel Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Mitel
Incidents vs Telecommunications Industry Average (This Year)
No incidents recorded for Mitel in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Mitel in 2025.
Incident Types Mitel vs Telecommunications Industry Avg (This Year)
No incidents recorded for Mitel in 2025.
Incident History — Mitel (X = Date, Y = Severity)
Mitel cyber incidents detection timeline including parent company and subsidiaries
Mitel Company Subsidiaries
Powering more than 2 billion connections every day, Mitel helps businesses connect, collaborate and take care of customers.
Loading...
Mitel Similar Companies
Telecom Egypt
Since its establishment in 1854, Telecom Egypt has played a pivotal role in driving growth within the local ICT market capitalizing on its vast infrastructure, which is one of the largest in the region. Its vast domestic and international infrastructure has helped it serve various customer groups in
Telecom Argentina
We are Telecom Argentina, a connectivity solutions and entertainment company with over 23,000 collaborators throughout the country. We transform the digital experience of our over 28 million customers providing them a secure, flexible and dynamic service on all of their devices, with high speed mobi
Lumen Technologies
Lumen connects the world. We digitally connect people, data and applications – quickly, securely and effortlessly. Everything we do at Lumen takes advantage of our network strength. From metro connectivity to long-haul data transport to our edge cloud, security, and managed service capabilities, we
Orange is one of the world’s leading telecommunications operators with revenues of 40.3 billion euros in 2024 and 127,000 employees worldwide at 31 December 2024, including 71,000 employees in France. The Group has a total customer base of 291 million customers worldwide at 31 December 2024, inclu
Safaricom PLC
Safaricom is the leading provider of converged communication solutions in Kenya. In addition to providing a broad range of first-class products and services for Telephony, Broadband Internet and Financial services, Safaricom seeks to uplift the welfare of Kenyans through value-added services and sup
Motorola Solutions
About Motorola Solutions | Solving for safer Safety and security are at the heart of everything we do at Motorola Solutions. We build and connect technologies to help protect people, property and places. Our solutions foster the collaboration that’s critical for safer communities, safer schools, sa
Bell
We advance how people connect with each other and the world #ConnectionIsEverything. Bell is Canada's largest communications company providing advanced Bell broadband wireless, Internet, TV, media and business communications services. Founded in Montréal in 1880, Bell is wholly owned by BCE Inc. T
Vodafone
At Vodafone, we believe that connectivity is a force for good. If we use it for the things that really matter, it can improve people's lives and the world around us. Through our technology we empower people, connecting everyone regardless of who they are or where they live, we protect the planet a
Telmex
TELMEX, la empresa líder de telecomunicaciones y servicios TI en México, ha realizado importantes inversiones para desarrollar la plataforma tecnológica más robusta y vanguardista del país, que le permite ofrecer la más amplia gama de soluciones, con los mayores estándares de calidad, seguridad, con
.png)
Mitel CyberSecurity News
September 23, 2025 07:00 AM
Dr. Kwame Assa-Agyei: From Ghana to Global Cybersecurity Leadership
In an era of escalating digital threats and growing demand for secure systems, Dr . Kwame Assa-Agyei stands as a beacon of innovation,...
September 15, 2025 07:00 AM
Avaya, Mitel bet on hybrid on-premises unified communications
Avaya and Mitel cut debt to stabilize, but doubts remain. What does their restructuring mean for on-premises unified communications in a...
September 11, 2025 07:00 AM
Mindfulness Meets Cybersecurity: A Game- Changer for Human Risk Management
Vast majority of Brigantia users reported improved calmness (94%) and focus (82%) when using The Zensory platform. Leading cybersecurity...
September 08, 2025 07:00 AM
Exertis Cybersecurity announces partnerships with ShelterZoom and Private Communications Corp
Exertis Cybersecurity, a sub-division of Exertis Enterprise, has expanded its security offering through new partnerships with ShelterZoom,...
July 25, 2025 07:00 AM
Mitel Patches Critical Flaw in Enterprise Communication Platform
An authentication bypass vulnerability in Mitel MiVoice MX-ONE could allow attackers to access user or admin accounts on the system.
July 24, 2025 07:00 AM
Critical Mitel Flaw Lets Hackers Bypass Login, Gain Full Access to MiVoice MX-ONE Systems
Mitel fixes critical MiVoice and MiCollab flaws that allow account access and SQL attacks. Users must update to avoid system compromise.
June 16, 2025 07:00 AM
Remote hacking possible with patched critical Mitel MiCollab flaw
Organizations have been urged by Mitel to remediate a critical path traversal vulnerability in the MiCollab communications and collaboration platform.
June 13, 2025 07:00 AM
Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking
Mitel has announced patches for a MiCollab path traversal vulnerability that can be exploited remotely without authentication.
May 13, 2025 07:00 AM
Mitel’s OpenScape Voice Solution Achieves JITC Certification Following Extensive Testing For Use By U.S. Department of Defense
Mitel, a global leader in business communications, announced its OpenScape Voice platform has been tested for interoperability and...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Mitel CyberSecurity History Information
Official Website of Mitel
The official website of Mitel is http://www.mitel.com.
Mitel’s AI-Generated Cybersecurity Score
According to Rankiteo, Mitel’s AI-generated cybersecurity score is 754, reflecting their Fair security posture.
How many security badges does Mitel’ have ?
According to Rankiteo, Mitel currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Mitel have SOC 2 Type 1 certification ?
According to Rankiteo, Mitel is not certified under SOC 2 Type 1.
Does Mitel have SOC 2 Type 2 certification ?
According to Rankiteo, Mitel does not hold a SOC 2 Type 2 certification.
Does Mitel comply with GDPR ?
According to Rankiteo, Mitel is not listed as GDPR compliant.
Does Mitel have PCI DSS certification ?
According to Rankiteo, Mitel does not currently maintain PCI DSS compliance.
Does Mitel comply with HIPAA ?
According to Rankiteo, Mitel is not compliant with HIPAA regulations.
Does Mitel have ISO 27001 certification ?
According to Rankiteo,Mitel is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Mitel
Mitel operates primarily in the Telecommunications industry.
Number of Employees at Mitel
Mitel employs approximately 3,913 people worldwide.
Subsidiaries Owned by Mitel
Mitel presently has no subsidiaries across any sectors.
Mitel’s LinkedIn Followers
Mitel’s official LinkedIn profile has approximately 110,761 followers.
NAICS Classification of Mitel
Mitel is classified under the NAICS code 517, which corresponds to Telecommunications.
Mitel’s Presence on Crunchbase
No, Mitel does not have a profile on Crunchbase.
Mitel’s Presence on LinkedIn
Yes, Mitel maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/mitel.
Cybersecurity Incidents Involving Mitel
As of December 04, 2025, Rankiteo reports that Mitel has experienced 3 cybersecurity incidents.
Number of Peer and Competitor Companies
Mitel has an estimated 9,612 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Mitel ?
Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability and Cyber Attack.
How does Mitel detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an remediation measures with security patches released in june 2022, remediation measures with remediation script released in april 2022, and remediation measures with firmware updates, and remediation measures with firmware updates released in mid-2024..
Incident Details
Can you provide details on each incident ?
Title: Lorenz Ransomware Attack on Mitel MiVoice VOIP Appliances
Description: The Lorenz ransomware gang used a critical vulnerability in Mitel MiVoice VOIP appliances to breach enterprises, using their phone systems for initial access to their corporate networks. Lorenz exploited CVE-2022-29499, a remote code execution vulnerability impacting the Mitel Service Appliance component of MiVoice Connect, and obtained a reverse shell and subsequently used Chisel as a tunnelling tool to pivot into the environment. These devices are used by organizations in critical sectors worldwide (including government agencies), with over 19,000 devices currently exposed to attacks over the Internet.
Type: Ransomware
Attack Vector: Exploitation of a vulnerability in Mitel MiVoice VOIP appliances
Vulnerability Exploited: CVE-2022-29499
Threat Actor: Lorenz ransomware gang
Motivation: Unauthorized access and data breach
Title: Mitel SIP Phones Aquabotv3 DDoS Botnet Attack
Description: Mitel SIP phones experienced a variant of Mirai-based Aquabotv3 botnet attack, targeting a vulnerability (CVE-2024-41710) across several models, including the 6970 Conference Unit up to firmware version R6.4.0.HF1. This attack allowed Aquabotv3 to recruit the phones into a DDoS botnet potentially disrupting communications. Mitel had issued firmware updates to address this issue, but the emergence of PoC exploit code and subsequent attack highlights the ongoing threat to IoT devices. The attack could lead to operational disruptions and compromise the confidentiality and integrity of communications.
Type: DDoS Botnet
Attack Vector: Firmware Vulnerability (CVE-2024-41710)
Vulnerability Exploited: CVE-2024-41710
Threat Actor: Aquabotv3
Motivation: DDoS Botnet Recruitment
Title: Aquabotv3 Botnet Targeting Mitel SIP Phones
Description: A variant of the Mirai-based botnet Aquabot, known as Aquabotv3, began targeting Mitel SIP phones by exploiting the CVE-2024-41710 vulnerability in models 6800, 6900, and 6900w series including the 6970 Conference Unit. This vulnerability could allow an attacker with administrative privilege to conduct command injection attacks.
Date Detected: January 2025
Type: Botnet Attack
Attack Vector: Command Injection Attack
Vulnerability Exploited: CVE-2024-41710
Threat Actor: Aquabotv3
Motivation: Possible preparation for more stealthy and undetectable future variants
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Vulnerability.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Mitel MiVoice VOIP appliances and Firmware Vulnerability (CVE-2024-41710).
Impact of the Incidents
What was the impact of each incident ?
Incident : Ransomware MIT197291022
Systems Affected: Mitel MiVoice VOIP appliances
Incident : DDoS Botnet MIT000013025
Systems Affected: Mitel SIP phones, including the 6970 Conference Unit up to firmware version R6.4.0.HF1
Operational Impact: Potential operational disruptions
Incident : Botnet Attack MIT000013125
Systems Affected: Mitel SIP phones (models 6800, 6900, 6900w series including the 6970 Conference Unit)
Downtime: Significant disruptions possible
Which entities were affected by each incident ?
Incident : Ransomware MIT197291022
Entity Name: Mitel
Entity Type: Organization
Industry: Technology
Location: Worldwide
Incident : DDoS Botnet MIT000013025
Entity Name: Mitel
Entity Type: Company
Industry: Telecommunications
Incident : Botnet Attack MIT000013125
Entity Name: Mitel
Entity Type: Company
Industry: Telecommunications
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Ransomware MIT197291022
Remediation Measures: Security patches released in June 2022Remediation script released in April 2022
Incident : DDoS Botnet MIT000013025
Remediation Measures: Firmware updates
Incident : Botnet Attack MIT000013125
Remediation Measures: Firmware updates released in mid-2024
Data Breach Information
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Security patches released in June 2022, Remediation script released in April 2022, , Firmware updates, Firmware updates released in mid-2024.
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Ransomware MIT197291022
Ransomware Strain: Lorenz
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Ransomware MIT197291022
Entry Point: Mitel MiVoice VOIP appliances
Incident : DDoS Botnet MIT000013025
Entry Point: Firmware Vulnerability (CVE-2024-41710)
Post-Incident Analysis
What were the root causes and corrective actions taken for each incident ?
Incident : Ransomware MIT197291022
Root Causes: Exploitation of CVE-2022-29499
Corrective Actions: Release Of Security Patches, Remediation Script,
Incident : DDoS Botnet MIT000013025
Root Causes: Firmware Vulnerability (CVE-2024-41710)
Corrective Actions: Firmware updates
What corrective actions has the company taken based on post-incident analysis ?
Corrective Actions Taken: The company has taken the following corrective actions based on post-incident analysis: Release Of Security Patches, Remediation Script, , Firmware updates.
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Lorenz ransomware gang, Aquabotv3 and Aquabotv3.
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on January 2025.
Impact of the Incidents
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Mitel MiVoice VOIP appliances and and .
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker were an Mitel MiVoice VOIP appliances and Firmware Vulnerability (CVE-2024-41710).
Post-Incident Analysis
What was the most significant root cause identified in post-incident analysis ?
Most Significant Root Cause: The most significant root cause identified in post-incident analysis was Exploitation of CVE-2022-29499, Firmware Vulnerability (CVE-2024-41710).
What was the most significant corrective action taken based on post-incident analysis ?
Most Significant Corrective Action: The most significant corrective action taken based on post-incident analysis was Release of security patchesRemediation script, Firmware updates.
.png)
Latest Global CVEs (Not Company-Specific)
Description
MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. Prior to 2.9.8, there is a security issue exists in the exec_in_pod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided commands in both array and string formats. When a string format is provided, it is passed directly to shell interpretation (sh -c) without input validation, allowing shell metacharacters to be interpreted. This vulnerability can be exploited through direct command injection or indirect prompt injection attacks, where AI agents may execute commands without explicit user intent. This vulnerability is fixed in 2.9.8.
Risk Information
cvss3
Base: 6.4
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H
Description
XML external entity (XXE) injection in eyoucms v1.7.1 allows remote attackers to cause a denial of service via crafted body of a POST request.
Description
An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass.
Description
Cal.com is open-source scheduling software. Prior to 5.9.8, A flaw in the login credentials provider allows an attacker to bypass password verification when a TOTP code is provided, potentially gaining unauthorized access to user accounts. This issue exists due to problematic conditional logic in the authentication flow. This vulnerability is fixed in 5.9.8.
Risk Information
cvss4
Base: 9.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker controlled float poing number into the toFixed() function, it might lead to high CPU consumption and a potential Denial of Service. Small numbers go through this call stack: NativeNumber.numTo > DToA.JS_dtostr > DToA.JS_dtoa > DToA.pow5mult where pow5mult attempts to raise 5 to a ridiculous power. This vulnerability is fixed in 1.8.1, 1.7.15.1, and 1.7.14.1.
Risk Information
cvss4
Base: 5.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=mitel' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
