Attackers have used zero-day exploits to break into Linux-based Mitel MiVoice VoIP appliances. The intrusions appear to be the initial-access stage of a larger ransomware attack.
Critical organizations in various sectors rely on Mitel VoIP devices for their telephone communication needs. Threat actors also recently exploited these vulnerable devices in an attack that amplifies DDoS traffic.
According to security experts at CrowdStrike, the attackers first gained access to the network through a zero-day RCE vulnerability tracked as CVE-2022-29499.