CVE-2022-29499
CRITICAL KEV RANSOMWAREMitel MiVoice Connect < 22.20.2300.0 - Remote Code Execution via Service Appliance Data Validation
Title source: llmExploitation Summary
CVE-2022-29499 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added June 27, 2022, with confirmed use in ransomware campaigns.
Description
The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because of incorrect data validation. The Service Appliances are SA 100, SA 400, and Virtual SA.
References (2)
Core 2
Core References
Vendor Advisory x_refsource_confirm
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0002
US Government Resource
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-29499
Scores
CVSS v3
9.8
EPSS
0.8862
EPSS Percentile
99.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
active
Automatable
yes
Technical Impact
total
Details
CISA KEV
2022-06-27
VulnCheck KEV
2022-06-23
InTheWild.io
2022-06-23
ENISA EUVD
EUVD-2022-33836
Ransomware Use
Confirmed
CWE
CWE-20
Status
published
Products (1)
mitel/mivoice_connect
< 22.20.2300.0
Published
Apr 26, 2022
KEV Added
Jun 27, 2022
Tracked Since
Feb 18, 2026