CVE-2022-41223: Mitel MiVoice Connect Code Injection Vulnerability. The
Mitel MiVoice Connect Code Injection Vulnerability. The Director component in Mitel MiVoice Connect allows an authenticated attacker with internal network access to execute code within the context of the application.
- CISA KEV-listed (remediation due 2023-03-14)
- used in ransomware campaigns
- EPSS 2.8% (86.4% percentile)