Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:44 p.m.4 views

CVE-2022-29499

The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because of incorrect data validation. The Service Appliances are SA 100, SA 400, and Virtual SA...

10CVSS8AI score0.56967EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2022/09/14 2:4 p.m.83 views

Lorenz Ransomware Exploit Mitel VoIP Systems to Breach Business Networks

The operators behind the Lornenz ransomware operation have been observed exploiting a now-patched critical security flaw in Mitel MiVoice Connect to obtain a foothold into target environments for follow-on malicious activities. "Initial malicious activity originated from a Mitel appliance sitting...

10CVSS1.4AI score0.56967EPSS
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2022/07/07 7:9 p.m.71 views

Exploitation of Mitel MiVoice Connect SA CVE-2022-29499

In April 2022, telecommunications company Mitel published a security advisory on CVE-2022-29499, a data validation vulnerability in the Service Appliance component of MiVoice Connect, a business communications product. The vulnerability, which was unpatched at time of publication, arose from...

10CVSS1.6AI score0.56967EPSS
Exploits0
The Hacker News
The Hacker News
added 2022/06/29 4:1 a.m.160 views

CISA Warns of Active Exploitation of 'PwnKit' Linux Vulnerability in the Wild

The U.S. Cybersecurity and Infrastructure Security Agency CISA this week moved to add a Linux vulnerability dubbed PwnKit to its Known Exploited Vulnerabilities Catalog, citing evidence of active exploitation. The issue, tracked as CVE-2021-4034 CVSS score: 7.8, came to light in January 2022 and...

10CVSS1.2AI score0.94921EPSS
Exploits160
ThreatPost
ThreatPost
added 2022/06/28 12:42 p.m.94 views

Mitel VoIP Bug Exploited in Ransomware Attacks

Ransomware groups are abusing unpatched versions of a Linux-based Mitel VoIP Voice over Internet Protocol application and using it as a springboard plant malware on targeted systems. The critical remote code execution RCE flaw, tracked as CVE-2022-29499, was first report by Crowdstrike in April a...

10CVSS10AI score0.56967EPSS
Exploits0References5
Check Point Advisories
Check Point Advisories
added 2022/06/27 12:0 a.m.40 views

Mitel MiVoice Connect Command Injection (CVE-2022-29499)

A command injection vulnerability exists in Mitel MiVoice Connect. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

10CVSS5.7AI score0.56967EPSS
Exploits0
Circl
Circl
added 2022/04/26 7:47 a.m.8 views

CVE-2022-29499

creationtimestamp| type| source ---|---|--- 2022-04-26 07:47:52+00:00| seen| https://t.me/cibsecurity/41421 2022-06-27 19:30:04+00:00| exploited| https://t.me/truesecator/3104 2022-09-13 15:35:06+00:00| exploited| https://t.me/truesecator/3409 2022-09-14 09:47:43+00:00| seen|...

10CVSS7.5AI score0.56967EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2022/04/26 1:13 a.m.7 views

CVE-2022-29499

The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because of incorrect data validation. The Service Appliances are SA 100, SA 400, and Virtual SA...

9.9AI score0.56967EPSS
Exploits0References1
Rows per page
Query Builder