VSF-Fortitude6 9.3 Release Notes
From Zenitel Wiki
- Previous Release - VSF-Fortitude6 9.2 Release Notes
This document provides the release notes for VSF-Fortitude6 9.3 with incremental bug fix releases. The release notes for VSF-Fortitude6 9.3 describe new features, improvements and issues fixed after VSF-Fortitude6 9.2.3.0.
Release info
Name: VSF-Fortitude6
Description: VSF-Fortitude6 is a firmware for Zenitel devices based on the IMX6 processor.
The firmware is delivered in two different files:
- vsff6-9.3.3.x - Used for standard in-field upgrades
- vsff6-prod-9.3.3.x - Used in production- and recovery upgrades.
Version: 9.3.3.1
Date: 17.12.2025
Status: General Availability
VSF-FORTITUDE6 9.3.3.1
Security Updates
MTN-4866 Security Update
Resolved vulnerabilities related to:
- CVE-2025-64090 - Authenticated RCE on Hostname configuration.
Action: Upgrade to 9.3.3.1 or later (8.2.3.5 for legacy TCIV)
MTN-4865 Security Update
Resolved vulnerabilities related to:
- CVE-2025-64091 - Authenticated RCE on NTP configurations.
Action: Upgrade to 9.3.3.1 or later (8.2.3.5 for legacy TCIV)
VSF-FORTITUDE6 9.3.3.0
Improvements
MTN-4790 Enhanced Grace Period Message for Edge Systems
The grace period message has been improved to provide clearer information. Users will now find it easier to understand when their system is in a grace period and if actions are required.
MTN-4701 Duplicate Hardware Version information
Duplicate Hardware Version information in station web has been removed. Hardware Version information can be found in Hardware Revision.
DS-1560 Edge Controller: Batch Upgrade Feature removed
The Edge Controller batch upgrade feature has been removed. Batch upgrades should now be performed using IMT, which provides greater flexibility and efficiency. Devices can still be updated individually via the web interface.
Fixed Issues
MTN-4796 ONVIF Subscribe Enhancements
Subscription requests now accept any namespace in the Address field.
The “wsnt:Filter” element is now optional. If omitted, the subscription will include all topics by default.
MTN-4758 Display is now updated when adjusting volume
The display now updates correctly when adjusting the volume using the handset or headset. Previously, the volume bar was stuck at level 1, but it now accurately reflects the current volume setting.
MTN-4742 ONVIF Improvement: Default Video Source Configuration
GetVideoSourceConfigurationOptions now returns a default video source configuration even when no configuration is specified.
MTN-4688 Fixed issues with ONVIF backchannel RTSP failures on missing media
Now always creating full media pipeline for backchannel to ensure better compatibility.
MTN-4681 Ringing tone in ICX/AlphaCom now depends on setting in AlphaPro
Ringing tone level in ICX/Alphacom mode was low and did not respond to the Ringing Volume setting configured in AlphaPro. This is now fixed, ringing tone level is higher and dependent on value set in AlphaPro.
MTN-4566 Removed Partial Reboot Option
The Partial Reboot option has been removed from the device web recovery page.
Audio will no longer be interrupted or stopped when unrelated configuration change, such as adjusting the volume, are made.
MTN-4343 Tone test adjustments for CRM-V-2 and IP-CROR devices.
MTN-3885 Fixed issue where language change on device web required reboot without clear notice
The device web page now notes that a reboot is needed for language changes to take effect. Behavior remains unchanged.
DS-1572 Audio Setup Real-Time challenges
Observed on Connect case call to queue four duplicated SDP in short time interval causing up two 4 start and stop on one setup. This optimization deprecates memory intensive AEC context save and restore by keeping state in code-object between calls. Also added state handling on new Audio Session separating network audio and audio engine initialize in different steps.
DS-1571 Duplicated SDPs from SIP-Invite/Re-Invite causes multiple audio start/stop with possible side effects
Observed on Connect case call to queue four duplicated SDP in short time interval causing up two 4 start and stop on one setup. This optimization check for duplicated SDPs in Re-Invites and do nothing if repeated with same parameters.
DS-1502 Multicast paging could stop working under some rare conditions
Multicast paging would stop working under some rare conditions, this is now fixed.
Security Updates
MTN-4795 Fixed multiple vulnerabilities
- Fixed multiple vulnerabilities registered under CVE-2025-64126, CVE-2025-64127, CVE-2025-64128, CVE-2025-64129, and CVE-2025-64130. These vulnerabilities were associated with legacy web interface components. The affected functionality has been removed or redesigned to prevent misuse.
- Action: Upgrade to version 9.3.3.0 (8.2.3.4 for TCIV legacy hardware) or later to ensure the latest security enhancements are applied.
DS-1555 Security Update
Resolved vulnerabilities related to:
- CVE-2025-59817 Authenticated Remote Code Execution “zForm_auto_config”
- CVE-2025-59818 Authenticated Remote Code Execution “zForm_upload_scripts”.
Action: Upgrade to 9.3.3.0 or later (8.2.3.4 for legacy TCIV)