logo

CVE-2022-40765 - Mitel MiVoice Connect Command Injection Vulnerability

CVE-2022-40765

Mitel | MiVoice Connect

  • Date Added:
  • 2023-02-21
  • Due Date:
  • 2023-03-14
Vulnerability Name

Mitel MiVoice Connect Command Injection Vulnerability

Description

The Mitel Edge Gateway component of MiVoice Connect allows an authenticated attacker with internal network access to execute commands within the context of the system.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply updates per vendor instructions.

Additional Notes
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0007; https://nvd.nist.gov/vuln/detail/CVE-2022-40765

Free security scan for your website