Remote Code Execution Vulnerability in Mitel MiVoice Connect Service Appliance Component

CVE-2022-29499 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because of incorrect data validation. The Service Appliances are SA 100, SA 400, and Virtual SA.

Learn more about our Web Application Penetration Testing UK.