CVE-2022-40765
Published 2022-11-22
Priority P182 · medium · 6.8 (CVSS 3.1)
AV:A / AC:L / PR:H / UI:N / S:U / C:H / I:H / A:H
KEV · ITW · Ransomware
CISA Known Exploited Vulnerability, due 2023-03-14
Exploited in the wild
EPSS: 10.48% (95.2th percentile)
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 (22.22.6100.0) could allow an authenticated attacker with internal network access to conduct a command-injection attack, due to insufficient restriction of URL parameters.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mitel | mivoice_connect | <= 22.22.6100.0 | — |
Detection & IOCs (extracted from sources)
- CVE-2022-40765 targets the Edge Gateway component of Mitel MiVoice Connect; look for authenticated internal network requests with anomalous or injected URL parameters directed at the Edge Gateway
- CVE-2022-40765 is actively exploited in the wild per CISA KEV; prioritize detection on Mitel MiVoice Connect Edge Gateway instances for command injection attempts
- Exploitation results in command execution within the system context; monitor Edge Gateway processes for unexpected child process spawning or OS command execution
- Exploitation requires the attacker to be authenticated and have internal network access; external/unauthenticated exploitation is not indicated by available sources
- Affected versions are Mitel MiVoice Connect through 19.3 (22.22.6100.0); detections should be scoped to this version range
CVSS provenance
- nvd · v3.1 · 6.8 MEDIUM · CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- vulncheck · 6.8 MEDIUM
- cisa · 6.8 MEDIUM
GHSA
GHSA-2w3j-8r4x-f4mg: A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19
ghsa_unreviewed·2022-11-22
CVE-2022-40765 [MEDIUM] CWE-77 GHSA-2w3j-8r4x-f4mg: A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 (22.22.6100.0) could allow an authenticated attacker with internal network access to conduct a command-injection attack, due to insufficient restriction of URL parameters.
VulnCheck
Mitel MiVoice Connect Command Injection Vulnerability
vulncheck·2022·CVSS 6.8
CVE-2022-40765 [MEDIUM] CWE-77 Mitel MiVoice Connect Command Injection Vulnerability
The Mitel Edge Gateway component of MiVoice Connect allows an authenticated attacker with internal network access to execute commands within the context of the system.
Affected: Mitel MiVoice Connect
Required Action: Apply updates per vendor instructions.
Known Ransomware Campaign Use: Known
Exploitation References: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
Remediation Due: 2023-03-14
CISA
Mitel MiVoice Connect Command Injection Vulnerability
cisa·2023-02-21·CVSS 6.8
CVE-2022-40765 [MEDIUM] CWE-77 Mitel MiVoice Connect Command Injection Vulnerability
Vulnerability: Mitel MiVoice Connect Command Injection Vulnerability
Affected: Mitel MiVoice Connect
The Mitel Edge Gateway component of MiVoice Connect allows an authenticated attacker with internal network access to execute commands within the context of the system.
Required Action: Apply updates per vendor instructions.
Notes: https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0007; https://nvd.nist.gov/vuln/detail/CVE-2022-40765
Remediation Due Date: 2023-03-14
No detection rules found.
No public exploits indexed.
- https://www.mitel.com/support/security-advisories
- https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0007
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-40765
- 2022-11-22: Published
- 2023-02-21: Added to CISA KEV
Exploited in the wild