CVE-2022-40765 - Mitel MiVoice Connect Command Injection Vulnerability
CVE-2022-40765
Mitel | MiVoice Connect
- Date Added:
- 2023-02-21
- Due Date:
- 2023-03-14
- Vulnerability Name
Mitel MiVoice Connect Command Injection Vulnerability
- Description
The Mitel Edge Gateway component of MiVoice Connect allows an authenticated attacker with internal network access to execute commands within the context of the system.
- Known To Be Used in Ransomware Campaigns?
Known
- Action
Apply updates per vendor instructions.
- Additional Notes
- https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0007; https://nvd.nist.gov/vuln/detail/CVE-2022-40765
Free security scan for your website