CVE-2025-67822
Published: 15 January 2026
Summary
CVE-2025-67822 is a critical-severity Improper Authentication (CWE-287) vulnerability in Mitel Mivoice Mx-One. Its CVSS base score is 9.4 (Critical).
Operationally, exploitation aligns with the MITRE ATT&CK technique Valid Accounts (T1078); ranked at the 19.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-14 (Permitted Actions Without Identification or Authentication) and IA-2 (Identification and Authentication (Organizational Users)).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
SI-2 mandates timely flaw remediation, directly mitigating this authentication bypass by applying Mitel patches from security advisory MISA-2025-0009.
IA-2 requires robust unique identification and authentication for organizational users, countering the improper authentication mechanisms enabling unauthenticated access to Provisioning Manager accounts.
AC-14 explicitly authorizes and monitors only defined actions without identification or authentication, preventing unauthorized access via bypass in the Provisioning Manager component.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Auth bypass on network-accessible Provisioning Manager directly enables T1190 (public-facing exploit) for initial access and T1078 (valid accounts) via unauthorized account usage.
NVD Description
A vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE 7.3 (7.3.0.0.50) through 7.8 SP1 (7.8.1.0.14) could allow an unauthenticated attacker to conduct an authentication bypass attack due to improper authentication mechanisms. A successful exploit could allow an attacker…
more
to gain unauthorized access to user or admin accounts in the system.
Deeper analysisAI
CVE-2025-67822 is an authentication bypass vulnerability stemming from improper authentication mechanisms (CWE-287) in the Provisioning Manager component of Mitel MiVoice MX-ONE systems. It affects versions from 7.3 (7.3.0.0.50) through 7.8 SP1 (7.8.1.0.14). The vulnerability, published on 2026-01-15, carries a CVSS v3.1 base score of 9.4 (AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H), indicating high severity due to its network accessibility and lack of prerequisites.
An unauthenticated attacker can exploit this vulnerability remotely with low complexity to bypass authentication. Successful exploitation grants unauthorized access to user or admin accounts within the system, potentially enabling further compromise through elevated privileges, data manipulation, or disruption of services.
Mitel has published details in their security advisories, including Mitel Product Security Advisory MISA-2025-0009, available at https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2025-0009 and the general advisories page at https://www.mitel.com/support/security-advisories. Security practitioners should consult these for patch availability and mitigation guidance specific to affected versions.
Details
- CWE(s)