Tag

#mitel

2 posts tagged #mitel.

Analysis · May 20, 2026 · Colten Anderson

Lorenz ransomware's way in was the phone system

In 2022, Lorenz ransomware breached corporate networks through a Mitel MiVoice Connect appliance, the VoIP system, using CVE-2022-29499 as a zero-day. Telephony and unified-comms appliances are edge servers running web code, and almost nobody treats them that way.
Analysis · May 8, 2026 · Colten Anderson

Mitel MiCollab keeps shipping the same path-traversal bug class

watchTowr published a working unauth file-read chain on December 5, 2024 with one of the two CVEs still a 0-day. The pattern across NPM, ReconcileWizard, and AWV is structural, and operators tolerate it because UC is the most upgrade-averse tier in the enterprise.