cbcvebase.
CVE-2025-67822
published 2026-01-15

CVE-2025-67822: A vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE 7.3 (7.3.0.0.50) through 7.8 SP1 (7.8.1.0.14) could allow an unauthenticated…

PriorityP268critical9.4CVSS 3.1
AVNACLPRNUINSUCLIHAH
EPSS
0.37%
29.1th percentile
A vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE 7.3 (7.3.0.0.50) through 7.8 SP1 (7.8.1.0.14) could allow an unauthenticated attacker to conduct an authentication bypass attack due to improper authentication mechanisms. A successful exploit could allow an attacker to gain unauthorized access to user or admin accounts in the system.

Affected

2 ranges
VendorProductVersion rangeFixed in
mitelmivoice_mx-one
mitelmivoice_mx-one>= 7.3 < 7.87.8
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.