{"vulnerability": "cve-2025-5291", "sightings": [{"uuid": "98492a85-995c-44a7-9a47-a4acc63df6fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52914", "type": "seen", "source": "https://bsky.app/profile/rxerium.com/post/3lururwqfoq2s", "content": "", "creation_timestamp": "2025-07-25T10:48:49.548154Z"}, {"uuid": "62a660b8-fde5-4f49-9a9b-eb75399d301e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52919", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ls5xjycltz2q", "content": "", "creation_timestamp": "2025-06-22T01:54:25.116374Z"}, {"uuid": "58201eef-2d0c-4182-9e3d-3f5554c63d16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5291", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrsujxd36h2a", "content": "", "creation_timestamp": "2025-06-17T16:01:25.565942Z"}, {"uuid": "3f234711-fb79-4de0-b83c-9f56ff602ca0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52918", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ls5xwocd5w2a", "content": "", "creation_timestamp": "2025-06-22T02:01:30.727431Z"}, {"uuid": "c8939116-19cc-4df8-ae33-3b6ffd49540e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52916", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ls5y6dvhon2m", "content": "", "creation_timestamp": "2025-06-22T02:05:48.542257Z"}, {"uuid": "dc5dec4b-4891-4035-80aa-60298ceb63eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52917", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ls5zc5pxly2s", "content": "", "creation_timestamp": "2025-06-22T02:25:49.745778Z"}, {"uuid": "94af47af-21c7-46f3-9cf2-5507e1dbd063", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52914", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lus7naalz22h", "content": "", "creation_timestamp": "2025-07-25T14:03:01.867679Z"}, {"uuid": "b91ea82f-01fb-44e7-be80-b927c845463d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52913", "type": "published-proof-of-concept", "source": "Telegram/rhvNMhDEQsDmbO42lBM1UZ6liv8Ut69COJccPHJCHHT9EeA", "content": "", "creation_timestamp": "2026-03-27T03:00:09.000000Z"}, {"uuid": "3086b1ca-d2b8-4a4d-b46f-2a431bee06d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52917", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3lvt4gmmeam2u", "content": "", "creation_timestamp": "2025-08-07T16:03:30.150184Z"}, {"uuid": "618d7592-79e0-424d-8dee-011bbde4b1d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52918", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3lvt4gmmeam2u", "content": "", "creation_timestamp": "2025-08-07T16:03:30.275279Z"}, {"uuid": "6b3f82cf-9e90-41c7-83e8-c6ff7887342f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52919", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3lvt4gmmeam2u", "content": "", "creation_timestamp": "2025-08-07T16:03:30.382295Z"}, {"uuid": "d4bd7503-f4b2-4628-a87e-70e6b76b102b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52916", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-08", "content": "", "creation_timestamp": "2025-08-07T10:00:00.000000Z"}, {"uuid": "4d8e9afc-7022-4362-b320-d29aa562949f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52917", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-08", "content": "", "creation_timestamp": "2025-08-07T10:00:00.000000Z"}, {"uuid": "ecf30771-f2f1-4beb-816d-179ed3fc9f81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52918", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-08", "content": "", "creation_timestamp": "2025-08-07T10:00:00.000000Z"}, {"uuid": "ec7d4510-1fda-4563-b751-b45b362dbe38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52919", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-219-08", "content": "", "creation_timestamp": "2025-08-07T10:00:00.000000Z"}, {"uuid": "e816854c-ac7e-480b-abb7-3700ce1a9aaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52914", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/45311", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aDetection for CVE-2025-52914\nURL\uff1ahttps://github.com/rxerium/CVE-2025-52914\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-07-25T10:09:56.000000Z"}, {"uuid": "89480d4f-4d40-409a-abfb-063c841ac9a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52914", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lw36jm7jwr24", "content": "", "creation_timestamp": "2025-08-10T21:02:16.611325Z"}, {"uuid": "c652e1f3-1827-48cc-bd27-9408c719bbb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52915", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3lxxkgo4qca2x", "content": "", "creation_timestamp": "2025-09-03T21:15:06.837367Z"}, {"uuid": "3423b9e4-26b8-4915-9d95-5118f4565133", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52915", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/55566", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aBYOVD research use cases featuring vulnerable driver discovery and reverse engineering methodology.  (CVE-2025-52915,  CVE-2025-1055,).\nURL\uff1ahttps://github.com/BlackSnufkin/BYOVD\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-10-15T10:20:48.000000Z"}, {"uuid": "c71212b0-b3bc-46c9-b6c2-7e3e1eec1646", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52914", "type": "published-proof-of-concept", "source": "Telegram/vAWGzqeitpUNr1lrBOjWIFgwW8T2KCSfYHka-5PRFPCb5v0", "content": "", "creation_timestamp": "2025-07-25T15:00:06.000000Z"}, {"uuid": "948a7cd6-76be-4ea4-8577-5df5368909f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52915", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/50243", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aPoC for CVE-2025-1055 and CVE-2025-52915 using K7RKScan.sys\nURL\uff1ahttps://github.com/diego-tella/CVE-2025-1055-poc\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-09-04T12:30:56.000000Z"}, {"uuid": "7de05675-336a-431b-8f22-d4c9cec7cd66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52913", "type": "published-proof-of-concept", "source": "Telegram/0XiQVvLI9OtTexbSWP04ktWorEJ1qgGSsz80l9L0cFlDChA", "content": "", "creation_timestamp": "2026-03-26T23:00:14.000000Z"}, {"uuid": "cfb1425e-1580-44f6-8a31-0e20d2031947", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5291", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18577", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-5291\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: The Master Slider \u2013 Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's masterslider_pb and ms_slide shortcodes in all versions up to, and including, 3.10.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2025-06-17T11:23:37.205Z\n\ud83d\udccf Modified: 2025-06-17T11:23:37.205Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/ce37fbd2-8d41-4feb-adf6-7ca0ca54e27a?source=cve\n2. https://plugins.trac.wordpress.org/browser/master-slider/tags/3.10.8/includes/msp-shortcodes.php#L28\n3. https://plugins.trac.wordpress.org/browser/master-slider/tags/3.10.8/includes/msp-shortcodes.php#L633\n4. https://plugins.trac.wordpress.org/browser/master-slider/tags/3.10.8/includes/msp-shortcodes.php#L763\n5. https://plugins.trac.wordpress.org/browser/master-slider/tags/3.10.8/includes/msp-shortcodes.php#L783\n6. https://wordpress.org/plugins/master-slider/#description\n7. https://plugins.trac.wordpress.org/changeset/3309620/", "creation_timestamp": "2025-06-17T11:38:25.000000Z"}, {"uuid": "2612e652-a543-4fe8-b5ef-d3a2b872c398", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52918", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19136", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52918\n\ud83d\udd25 CVSS Score: 5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N)\n\ud83d\udd39 Description: Yealink YMCS before 2025-05-26 does not prevent OpenAPI access by frozen enterprise accounts, allowing unauthorized access to deactivated interfaces.\n\ud83d\udccf Published: 2025-06-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-21T23:12:11.133Z\n\ud83d\udd17 References:\n1. https://www.yealink.com/en/trust-center/security-advisories/1318c5efb82e4526\n2. https://support.yealink.com/en/portal/knowledge/show?id=646b44278ef325311f38303f", "creation_timestamp": "2025-06-21T23:43:43.000000Z"}, {"uuid": "b544f7ec-d1ee-40cb-b7c2-c45074ecfb8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52919", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19135", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52919\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: In Yealink YMCS RPS before 2025-05-26, the certificate upload function does not properly validate certificate content, potentially allowing invalid certificates to be uploaded.\n\ud83d\udccf Published: 2025-06-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-21T23:13:43.507Z\n\ud83d\udd17 References:\n1. https://support.yealink.com/en/portal/knowledge/show?id=6476e7cd6a27da76bd06a9c9\n2. https://www.yealink.com/en/trust-center/security-advisories/ecb16a4993014d22", "creation_timestamp": "2025-06-21T23:43:42.000000Z"}, {"uuid": "37e26059-e7eb-4119-a0bc-17010c96d972", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52916", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19138", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52916\n\ud83d\udd25 CVSS Score: 2.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Yealink YMCS RPS before 2025-06-04 lacks SN verification attempt limits, enabling brute-force enumeration (last five digits).\n\ud83d\udccf Published: 2025-06-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-21T23:08:14.539Z\n\ud83d\udd17 References:\n1. https://www.yealink.com/en/trust-center/security-advisories/b8dc062eaa8d4f59\n2. https://support.yealink.com/en/portal/knowledge/show?id=6476e7cd6a27da76bd06a9c9", "creation_timestamp": "2025-06-21T23:43:44.000000Z"}, {"uuid": "9c9553c9-879a-4e04-8cb6-2274bca396e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52917", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19137", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-52917\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: The Yealink YMCS RPS API before 2025-05-26 lacks rate limiting, potentially enabling information disclosure via excessive requests.\n\ud83d\udccf Published: 2025-06-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-21T23:10:26.397Z\n\ud83d\udd17 References:\n1. https://support.yealink.com/en/portal/knowledge/show?id=6476e7cd6a27da76bd06a9c9\n2. https://www.yealink.com/en/trust-center/security-advisories/f8205560a8c7443f", "creation_timestamp": "2025-06-21T23:43:43.000000Z"}, {"uuid": "f890211c-b451-4deb-bdb1-683229a74e15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-52914", "type": "exploited", "source": "https://t.me/true_secator/7265", "content": "Mitel Networks \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e \u0435\u0435 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u0443\u044e \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 MiVoice MX-ONE.\n\nMX-ONE - \u044d\u0442\u043e \u043a\u043e\u043c\u043c\u0443\u043d\u0438\u043a\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043d\u0430 \u0431\u0430\u0437\u0435 SIP, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043c\u0430\u0441\u0448\u0442\u0430\u0431\u0438\u0440\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0441\u043e\u0442\u0435\u043d \u0442\u044b\u0441\u044f\u0447 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0438\u043c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u0435\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0435 MiVoice MX-ONE Provisioning Manager, \u0438 \u0435\u0439 \u043f\u043e\u043a\u0430 \u043d\u0435 \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e, \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0435\u0451 \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438, \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u044e\u0449\u0438\u0445 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c, \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u0447\u0451\u0442\u043d\u044b\u043c \u0437\u0430\u043f\u0438\u0441\u044f\u043c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0431\u0435\u0437 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Mitel, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 MiVoice MX-ONE, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0435 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0432\u0435\u0440\u0441\u0438\u0439 7.3 (7.3.0.0.50) - 7.8 SP1 (7.8.1.0.14). \u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 7.8 (MXO-15711_78SP0) \u0438 7.8 SP1 (MXO-15711_78SP1).\n\n\u041f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043d\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0440\u0432\u0438\u0441\u0430\u043c MX-ONE \u043d\u0430\u043f\u0440\u044f\u043c\u0443\u044e \u0447\u0435\u0440\u0435\u0437 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442, \u0440\u0430\u0437\u0432\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0443 MX-ONE \u0438\u0441\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0432 \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u043e\u0439 \u0441\u0435\u0442\u0438.\n\n\u0420\u0438\u0441\u043a\u0438 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u043d\u043e \u0441\u043d\u0438\u0437\u0438\u0442\u044c, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432 \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u0435\u0440\u0432\u0438\u0441\u0443 Provisioning Manager.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c MiVoice MX-ONE \u0432\u0435\u0440\u0441\u0438\u0438 7.3 \u0438 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043d\u0430\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441 \u043d\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044e \u0447\u0435\u0440\u0435\u0437 \u0441\u0432\u043e\u0435\u0433\u043e \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0438\u0441\u043d\u043e\u0433\u043e \u043f\u0430\u0440\u0442\u043d\u0435\u0440\u0430.\n\nMitel \u0442\u0430\u043a\u0436\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e SQL-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c (CVE-2025-52914) \u0432 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 \u0434\u043b\u044f \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e\u0439 \u0440\u0430\u0431\u043e\u0442\u044b MiCollab, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445 SQL \u043d\u0430 \u043d\u0435\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u041a\u0430\u043a \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a, \u0441\u0432\u0435\u0434\u0435\u043d\u0438\u0439 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043e\u0431\u0435\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043d\u0435 \u043f\u043e\u0441\u0442\u0443\u043f\u0430\u043b\u043e.\n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 MiCollab (CVE-2024-55550 \u0438 CVE-2024-41713) \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0427\u0442\u043e \u043d\u0435 \u0443\u0434\u0438\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e, \u0432\u0435\u0434\u044c \u043f\u0440\u043e\u0434\u0443\u043a\u0446\u0438\u044e Mitel \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0431\u043e\u043b\u0435\u0435 60 000 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u0438 \u0431\u043e\u043b\u0435\u0435 75 \u043c\u043b\u043d. \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0435\u043a\u0442\u043e\u0440\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u043d\u0438\u0435, \u0437\u0434\u0440\u0430\u0432\u043e\u043e\u0445\u0440\u0430\u043d\u0435\u043d\u0438\u0435, \u0444\u0438\u043d\u0430\u043d\u0441\u044b, \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u0438 \u0433\u043e\u0441\u0443\u0434\u0430\u0440\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0439 \u0441\u0435\u043a\u0442\u043e\u0440.", "creation_timestamp": "2025-07-24T17:29:30.000000Z"}]}