These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.
CVE-2024-41710 is a Mitel SIP Phones argument injection vulnerability that CISA added to the Known Exploited Vulnerabilities (KEV) catalog on 2025-02-12. Because it is KEV-listed, organizations using the affected product should treat it as a high-priority remediation item and follow vendor guidance without delay.
CVE-2024-55550 is a path traversal vulnerability affecting Mitel MiCollab. CISA added it to the Known Exploited Vulnerabilities catalog on 2025-01-07 and marked known ransomware campaign use as Known, so defenders should treat it as a high-priority exposure even though the supplied corpus does not include a CVSS score or detailed exploit mechanics.
CVE-2024-41713 is a path traversal vulnerability in Mitel MiCollab that CISA added to the Known Exploited Vulnerabilities catalog on 2025-01-07. The KEV entry marks the issue as known exploited and notes known ransomware campaign use, so organizations should treat it as an active defensive priority and follow vendor guidance or discontinue use if mitigation is unavailable.
CVE-2022-41223 is a code injection vulnerability affecting Mitel MiVoice Connect. CISA added it to the Known Exploited Vulnerabilities catalog on 2023-02-21 and marked it as having known ransomware campaign use, which makes it a high-priority remediation item for any affected environment.
CVE-2022-40765 is a command injection vulnerability affecting Mitel MiVoice Connect. CISA added it to the Known Exploited Vulnerabilities (KEV) catalog on 2023-02-21 and marked it as having known ransomware campaign use. For defenders, that makes patching and exposure review a high priority even though the supplied corpus does not include deeper technical detail or a CVSS score.
CVE-2022-29499 is a Mitel MiVoice Connect data validation vulnerability that CISA added to its Known Exploited Vulnerabilities catalog. Because it is listed in KEV and marked as having known ransomware campaign use, organizations running MiVoice Connect should treat it as a high-priority remediation item and follow vendor update guidance without delay.
CVE-2022-26143 is a Mitel access control vulnerability affecting MiCollab and MiVoice Business Express that CISA added to its Known Exploited Vulnerabilities catalog on 2022-03-25. Because CISA identifies it as known exploited, defenders should treat it as a priority patching item and follow the vendor’s update guidance.