
CVE-2025-47188

MEDIUM
Published 2025-08-07T00:00:00.000Z

CVSS Score

V3.1: 6.5/10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Base Score Metrics
Exploitability: N/A
Impact: N/A

Attack Vector Metrics

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED

Impact Metrics

Confidentiality: LOW
Integrity: LOW
Availability: NONE

Description

A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit through 6.4 SP4, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary commands within the context of the phone, leading to disclosure or modification of sensitive configuration data or affecting device availability and operation.

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

EU Vulnerability Database

Monitored by ENISA for EU cybersecurity

EU Coordination

EU Coordinated

Exploitation Status

No Known Exploitation

ENISA Analysis

A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit through 6.4 SP4, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary commands within the context of the phone, leading to disclosure or modification of sensitive configuration data or affecting device availability and operation.

Affected Products (ENISA)

n/a
n/a

ENISA Scoring

CVSS Score (3.1): 6.5/10
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

EPSS Score

9.480
probability

Data provided by ENISA EU Vulnerability Database. Last updated: August 7, 2025

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-fc57-f2r9-g74m

Advisory Details

A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the 6970 Conference Unit through 6.4 SP4, could allow an unauthenticated attacker to conduct a command injection attack due to insufficient parameter sanitization. A successful exploit could allow an attacker to execute arbitrary commands within the context of the phone, leading to disclosure or modification of sensitive configuration data or affecting device availability and operation.

CVSS Scoring

CVSS Score: 5.0

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Advisory provided by GitHub Security Advisory Database. Published: August 7, 2025, Modified: August 7, 2025

Social Media Intelligence

Real-time discussions and threat intelligence from social platforms

6 posts
Reddit 3 days, 19 hours ago
crstux
Exploit

🔥 Top 10 Trending CVEs (15/09/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-52915](https://nvd.nist.gov/vuln/detail/CVE-2025-52915)** - 📝 K7RKScan.sys 23.0.0.10, part of the K7 Security Anti-Malware suite, allows an admin-privileged user to send crafted IOCTL requests to terminate processes that are protected through a third-party implementation. …

2
2.0
View Original High Risk
Reddit 4 days, 14 hours ago
crstux
Exploit

🔥 Top 10 Trending CVEs (14/09/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2023-52440](https://nvd.nist.gov/vuln/detail/CVE-2023-52440)** - 📝 In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob() If authblob->SessionKey.Length is bigger than session key size(CIFS_KEY_SIZE), slub overflow can happen …

1
1.0
View Original High Risk
Reddit 1 month ago
glatisantbeast
Exploit

Applying OSINT for mining exploit intelligence related to CVE, EUVD, CNNVD, and BDU identifiers. Many network-exploitable vulnerabilities, such as **CVE-2025-47188**, remain delayed in disclosure, poorly documented, and without meaningful enrichment. Even though it has been actively exploited since May 2025, this vulnerability is still not enriched by NVD, EPSS, or …

0.0
View Original High Risk
Reddit 1 month ago
glatisantbeast
Exploit

Mining Exploit Intelligence to develop custom Nuclei templates for CVE, EUVD, CNNVD & BDU. Many network-exploitable vulnerabilities, such as CVE-2025-47188, remain delayed, poorly documented and lack meaningful enrichment. Despite being actively exploited since May 2025, this vulnerability is still not enriched by NVD, EPSS or proprietary vulnerability databases. VEDAS can …

5
5.0
View Original High Risk
Reddit 1 month, 1 week ago
glatisantbeast
Exploit

Mining Exploit Intelligence to develop custom Nuclei templates for CVE, EUVD, CNNVD & BDU. Many network-exploitable vulnerabilities, such as CVE-2025-47188, remain delayed, poorly documented and lack meaningful enrichment. Despite being actively exploited since May 2025, this vulnerability is still not enriched by NVD, EPSS or proprietary vulnerability databases. VEDAS ([https://vedas.arpsyndicate.io](https://vedas.arpsyndicate.io/)) …

3
3.0
View Original High Risk
Reddit 1 month, 1 week ago
glatisantbeast
Exploit

Mining Exploit Intelligence to develop custom Nuclei templates for CVE, EUVD, CNNVD & BDU. Many network-exploitable vulnerabilities, such as CVE-2025-47188, remain delayed, poorly documented and lack meaningful enrichment. Despite being actively exploited since May 2025, this vulnerability is still not enriched by NVD, EPSS or proprietary vulnerability databases. VEDAS ([https://vedas.arpsyndicate.io](https://vedas.arpsyndicate.io/)) …

15
1
17.0
View Original High Risk

References

Published: 2025-08-07T00:00:00.000Z
Last Modified: 2025-08-07T20:28:16.134Z