A Mitel VoIP equipment was used as an entry point in a suspected ransomware intrusion attempt against an undisclosed target in order to obtain remote code execution and gain initial access to the environment.
The aforementioned zero-day attack is identified as CVE-2022-29499 and was patched by Mitel in April 2022 using a remediation script that it distributed to clients. Read More…