Patrick Bennett

Researcher from CrowdStrike
#11653 of 53,625
23.6 Total CVSS
Vulnerabilities · 3
Medium: 2
Critical: 1
PT-2022-3270
10
2022-04-25
Mitel · Mitel Mivoice Connect · CVE-2022-29499
**Name of the Vulnerable Software and Affected Versions**

Mitel MiVoice Connect versions prior to 19.2 SP3

**Description**

The issue is related to incorrect data validation in the Service Appliance component, allowing remote code execution. This vulnerability has been exploited in real-world incidents, including ransomware attacks. The exploitation involves sending two GET requests, with the first request using the `get_url` parameter to access a local file on the device, and the second request leading to the exploitation. The attackers have used this vulnerability to create a reverse shell and load tools such as Chisel for further exploitation. It is estimated that a significant number of devices may be affected, but the exact number is not specified.

**Recommendations**

For Mitel MiVoice Connect versions prior to 19.2 SP3, update to a version that includes the security fix for this issue. As a temporary workaround, consider restricting access to the Service Appliance component to minimize the risk of exploitation. Additionally, users should ensure that their devices are properly configured and isolated from critical assets to prevent further exploitation. It is also recommended to limit access to hosts and servers, such as ESXi and vCenter, as much as possible. At the moment, there is no information about a newer version that contains a fix for this vulnerability, so it is crucial to follow the provided recommendations to mitigate the risk.