An RCE zero-day in unpatched versions of a Linux-based Mitel VoIP application is the new threat to tens of thousands of devices, with most in the U.S. and U.K. The flaw occurs due to insufficient data validation for a diagnostic script, which allows remote and unauthorized attackers to add commands with specially crafted requests. Experts suggest admins apply the mitigations quickly.
Support the originator by clicking the read the rest link below.