#BSI WID-SEC-2025-1109: [NEU] [mittel] #Mitel #OpenScape #Xpressions: Schwachstelle ermöglicht Offenlegung von Informationen
Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Mitel OpenScape Xpressions ausnutzen, um Informationen offenzulegen.
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1109
#BSI WID-SEC-2025-0169: [NEU] [mittel] #Unify #OpenScape 4000: Mehrere Schwachstellen ermöglichen Privilegieneskalation
Ein lokaler oder entfernter, anonymer Angreifer kann mehrere Schwachstellen in Unify OpenScape 4000 ausnutzen, um seine Privilegien zu erhöhen und um beliebige Befehle auszuführen.
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0169
Na, schon mal über Unify OpenScape nachgedacht? Lass es.
Ich habe Gelegenheit an #DECT Telefone #Unify #OpenScape Modell "SL5" ranzukommen. Taugen die für #GPN oder andere Events im #Chaos ?
Sind ganz nifty, mit MicroUSB zum Laden und evtl. auch mit Ladeschalte zum reinstellen.
#BSI WID-SEC-2024-1860: [NEU] [mittel] #Unify #OpenScape #Business: Schwachstelle ermöglicht Offenlegung von Informationen
Ein entfernter, authentisierter Angreifer kann eine Schwachstelle in Unify OpenScape Business ausnutzen, um Informationen offenzulegen.
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1860
#BSI WID-SEC-2024-1660: [NEU] [hoch] #Unify #OpenScape 4000: Mehrere Schwachstellen ermöglichen Ausführen von beliebigem Programmcode
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Unify OpenScape 4000 ausnutzen, um beliebigen Programmcode auszuführen.
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1660
#BSI WID-SEC-2024-1588: [NEU] [mittel] #Unify #OpenScape #UC #Application: Schwachstelle ermöglicht Offenlegung von Informationen
Ein lokaler Angreifer kann eine Schwachstelle in Unify OpenScape UC Application ausnutzen, um Informationen offenzulegen.
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1588
Our colleague Michael will be speaking about #Unify #OpenScape and #OpenStage #VoIP phones at the #Area41 security conference in Zurich on June 6. If you use these VoIP systems, we recommend coming to the talk.
Remote code execution and elevation of local privileges in #Mitel Unify #OpenStage and #OpenScape VoIP phones
https://www.pentagrid.ch/en/blog/rce-and-local-root-in-openstage-and-openscape-phones/
I especially like attack number 5 “OpenScape – Secure Shell Privilege escalation to root via SetUID programs”
* Manipulate the framebuffer, so a screenshot results in an executable file.
* Overwrite a system file with that screenshot tool.
* Add a script to that gets executed with root privilege while booting.
https://github.com/pentagridsec/openstage-exploit-chain/blob/main/openstage-fakedls-server.py
♫ Ground control to Major Tom, take the patch and put secure mode on. ♫ https://github.com/pentagridsec/openstage-exploit-chain #openstage #openscape #unify
RCE and LPE in a wide range of Mitel Unify #OpenStage and #OpenScape VoIP phones with default config: https://www.pentagrid.ch/en/blog/rce-and-local-root-in-openstage-and-openscape-phones/ #itsecurity #infosec #pentesting #voip #unify
Today's the day: I'm presenting about Soundscape, Openscape, and the general class of app at the first AT confrence held by the New York Public Library. Nervus but incredibly excited. I'll post a link here in a bit. #ATNYC #soundscape #openscape
Vielleicht gibt es hier einen #Telefon Experten der mir was zur #OpenScape Business #TAPI Funktion sagen kann. Bei einem Kunden würde via TAPI unter Windows bei Anrufen aus dem gleichen Ortsnetz nur die Rufnummer (ohne Vorwahl) signalisiert. Damit findet unser CRM erstmal nicht den zugeordneten Kunden. Gibt es da in #OpenScape eine Konfigurationsmöglichkeit? Der Kunden-Admin hat keine Ahnung wo das gehen soll.
For those of you who have been itching to try out #OpenScape for #iOS, more beta slots have opened up.
You can join the #Testflight here.
https://testflight.apple.com/join/tjZ5iAPo
#Apple #Blind #A11y #Accessibility #Development #Beta
Heck yeah. Days work paying off - I just got Openscape to successfully import Soundscape’s markers and routes! #openscape #soundscape #indidev
I tried the Openscape Beta on a short walk today. So delighted that it recognised the public footpaths in my local district. Most other orientation apps don’t give any feedback on them. And so nice to get good feedback on my surroundings. The app is still a bit clunky, with lots of references to Soundscape popping up, but it’s a great start, and I hope they can provide a much-needed replacement for Soundscape before long.
#Accessibility #Openscape #Blind
Cette semaine sur Oxytude, l'actu des nouvelles technologies et de l'#Accessibilité #A11Y #Domotique #Dornell #GoogleHome #NVDA #Openscape #RATP #Reddit https://www.oxytude.org
Ok, hears much better audio and you get to keep the environmental sounds that I wanted to give people. Here’s two minutes and 40 seconds demonstrating the. #OpenScape beta app. I’ll use this for my 12th #AudioMo as well! Boost for awareness please!
I've had a really brief play with the #OpenScape beta. So far it looks like an exact copy of #microsoft Soundscape, even referring to itself as Soundscape in some places. It's amazing to see this app continue in some form though! Does anyone know who is behind OpenScape? Would be great to know what their plans are for the future of this. #blind #a11y
I promised another #AudioMo today, and here it is. In this AudioMo I use #OpenScape to take a abridged journey to the store. Listen, carefully, you may hear the audio from the app, it didn't come out as cleanly as I was hoping. But still! Started out on a Sure Beta, 87A into the Vocaster!
ambient sounds and traveling sounds captured with the Sennheiser AMBEO binaural Mic into the iPhone. Audio fro the other phone sent threw the Shokz OpenMove.
