logo

CVE-2022-41223 - Mitel MiVoice Connect Code Injection Vulnerability

Mitel | MiVoice Connect

  • Date Added:
  • 2023-02-21
  • Due Date:
  • 2023-03-14
Vulnerability Name

Mitel MiVoice Connect Code Injection Vulnerability

Description

The Director component in Mitel MiVoice Connect allows an authenticated attacker with internal network access to execute code within the context of the application.

Known To Be Used in Ransomware Campaigns?

Known

Action

Apply updates per vendor instructions.

Additional Notes
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0008; https://nvd.nist.gov/vuln/detail/CVE-2022-41223

Free online web security scanner