PatchSiren cyber security CVE debrief
CVE-2022-40765 Mitel CVE debrief
CVE-2022-40765 is a command injection vulnerability affecting Mitel MiVoice Connect. CISA added it to the Known Exploited Vulnerabilities (KEV) catalog on 2023-02-21 and marked it as having known ransomware campaign use. For defenders, that makes patching and exposure review a high priority even though the supplied corpus does not include deeper technical detail or a CVSS score.
- Vendor
- Mitel
- Product
- MiVoice Connect
- CVSS
- Unknown
- CISA KEV
- Listed
- Original CVE published
- 2023-02-21
- Original CVE updated
- 2023-02-21
- Advisory published
- 2023-02-21
- Advisory updated
- 2023-02-21
Who should care
Organizations using Mitel MiVoice Connect, especially IT administrators, telecom/UC platform owners, SOC teams, and vulnerability management teams responsible for internet-facing or enterprise-telephony systems.
Technical summary
The available source material identifies the issue as a command injection vulnerability in Mitel MiVoice Connect. CISA’s KEV entry classifies the flaw as known exploited in the wild and notes known ransomware campaign use. The supplied corpus does not provide the vulnerable component, exploitation path, affected versions, or impact details, so those specifics should be confirmed in the official Mitel advisory and vendor guidance before remediation planning.
Defensive priority
High. CISA placed the vulnerability in the KEV catalog and set a due date of 2023-03-14 for applying vendor-recommended updates, indicating active real-world risk and time-sensitive remediation.
Recommended defensive actions
- Inventory all Mitel MiVoice Connect deployments and confirm whether any instances are exposed or reachable from untrusted networks.
- Review the official Mitel security advisory referenced by CISA and apply the vendor-recommended updates as soon as possible.
- If immediate patching is not feasible, reduce exposure by restricting network access to the affected system and limiting administrative access.
- Check for signs of compromise on affected systems, with special attention to anomalous command execution or unexpected administrative activity.
- Prioritize remediation and validation before the CISA KEV due date and document completion in vulnerability management tracking.
Evidence notes
This debrief is based only on the supplied CISA KEV metadata and official links. The corpus explicitly identifies CVE-2022-40765 as a Mitel MiVoice Connect command injection vulnerability, marks it as KEV, records known ransomware campaign use, and lists the vendor action as applying updates per vendor instructions. No CVSS score, affected version list, or exploit details were provided in the corpus, so those facts are intentionally omitted.
Official resources
-
CVE-2022-40765 CVE record
CVE.org
-
CVE-2022-40765 NVD detail
NVD
-
CISA Known Exploited Vulnerabilities catalog
CISA - Apply updates per vendor instructions.
-
Source item URL
cisa_kev
Publicly disclosed; added to CISA KEV on 2023-02-21 with remediation due 2023-03-14.