CVE-2022-41223 - Mitel MiVoice Connect Code Injection Vulnerability
Mitel | MiVoice Connect
- Date Added:
- 2023-02-21
- Due Date:
- 2023-03-14
- Vulnerability Name
Mitel MiVoice Connect Code Injection Vulnerability
- Description
The Director component in Mitel MiVoice Connect allows an authenticated attacker with internal network access to execute code within the context of the application.
- Known To Be Used in Ransomware Campaigns?
Known
- Action
Apply updates per vendor instructions.
- Additional Notes
- https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0008; https://nvd.nist.gov/vuln/detail/CVE-2022-41223
Free online web security scanner