Company

ABOUT ESENTIRE

eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 2000+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.

About Us →

Leadership →

Careers →

Event Calendar →

Newsroom →

EVENT CALENDAR

Apr

Data Connectors St. Louis

May

Milwaukee Cybersecurity Summit

May

RSA Conference

May

Secure360 Conference

Jun

Dallas Technology Summit

View Calendar →

LATEST PRESS RELEASE

Apr 03, 2024

Global Cybersecurity Solutions Provider, eSentire, Launches a New Technology Innovation Center in India

Bengaluru, India – April 4, 2024 – eSentire, Inc., the Authority in Managed Detection and Response (MDR), announced today the opening of its new Technology Innovation Center in India, under the legal entity eSentire India Private Limited. The Innovation Center will extend eSentire’s global…

View Newsroom →

Partners

PARTNER PROGRAM

We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.

LEARN MORE →

Apply to become an e3 ecosystem partner with eSentire today.

APPLY NOW →

Speak With A Security Expert Now

TALK TO AN EXPERT

THE THREAT

On March 8th, 2022, the Canadian Centre for Cyber Security (CCCS) disclosed ongoing attacks exploiting the Mitel vulnerability CVE-2022-26143 (CVSS:9.8). The vulnerability impacts the Mitel MiCollab and MiVoice Business Express products. Exploitation of CVE-2022-26143 allows remote and unauthenticated threat actors to gain initial access to victim devices, execute code, and perform Denial-of-Service (DoS) attacks.

Security patches are not available for CVE-2022-26143. Organizations using Mitel MiCollab and MiVoice Business Express are strongly encouraged to ensure devices are secured behind a firewall to minimize the likelihood of exploitation.

What we’re doing about it

eSentire Managed Vulnerability Service (MVS) will automatically add the relevant plugins for this vulnerability once details are made available
eSentire security teams are tracking this threat for additional details and detection opportunities

What you should do about it

Mitel has provided a script to mitigate the vulnerability
Organizations are recommended to review Mitel products and ensure they are deployed on internal networks or secured via a firewall
Apply firewall rules to block specific ports to the MiVoice Business Express
Once patches are released, organizations are recommended to perform a business impact review and apply the relevant patches
- Mitel has not stated when security patches will be made available

Additional information

CVE-2022-26143 was initially reported in February 2022; exploitation of the vulnerability has been ongoing since at least February 18th. Attacks in the wild are reported to have been performed in order to launch large scale Distributed Denial of Service (DDoS) attacks.

It should be noted that CVE-2022-26143 has alternatively been referred to as CVE-2022-26487. These CVS designations are duplicates and CVE-2022-26487 has been depreciated.

Impacted Products:

Mitel MiCollab – version R9.4SP1 and prior
MiVoice Business Express – version R8.1 and prior

References:

[1] https://cyber.gc.ca/en/alerts/mitel-security-advisory-av22-123
[2] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-26143/
[3] https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-22-0001
[4] https://mitel.custhelp.com/app/answers/answer_view/a_id/1017561 (Authentication Required)
[5] https://www.mitel.com/-/media/mitel/file/pdf/support/security-advisories/security-bulletin_22-0001-02-v1---mivbx.pdf
[6] https://blog.cloudflare.com/cve-2022-26143-amplification-attack/

ESENTIRE SERVICES

Managed Detection and Response

Digital Forensics and Incident Response

Exposure Management Services

ESENTIRE PLATFORM AND PEOPLE

Extended Detection and Response (XDR)

Security Operations Center (SOC)

Threat Response Unit (TRU)

Cyber Resilience Team

eSentire MDR for Microsoft

USE CASES

Ransomware

Cybersecurity Compliance

Zero Day Attacks

Cloud Misconfiguration

Third-Party Risk

Do More With Less

Cyber Risk

Cyber Insurance

Sensitive Data Security

INDUSTRIES

Insurance

Construction

Finance

Legal

Manufacturing

Private Equity

Healthcare

Retail

Food Supply

Government and Education

24/7 MDR SIGNALS

Network

Endpoint

Log

Cloud

Insider Threat

MDR Pricing

From The Blog

Building an Effective Threat Hunting Program for Proactive Cyber Defense

Don't Take the Bait: The XWorm Tax Scam

SolarMarker's Shift to PyInstaller Tactics

Resources

Case Studies

TRU Intelligence Center

Cybersecurity Tools

Videos

Reports

Webinars

Data Sheets

Real vs. Fake MDR

Blogs

Security Advisories

SECURITY ADVISORIES

Update: Zero-Day Vulnerability Impacts Palo Alto (CVE-2024-3400)

Zero-Day Vulnerability Impacts Palo Alto (CVE-2024-3400)

ABOUT ESENTIRE

About Us →

Leadership →

Careers →

Event Calendar →

Newsroom →

EVENT CALENDAR

Data Connectors St. Louis

Milwaukee Cybersecurity Summit

RSA Conference

Secure360 Conference

Dallas Technology Summit

LATEST PRESS RELEASE

Global Cybersecurity Solutions Provider, eSentire, Launches a New Technology Innovation Center in India

PARTNER PROGRAM

Search our site

Quick Links

Multi-Signal Managed Detection and Response

24/7 Global Security Operations Centers

eSentire MDR Pricing

Cybersecurity Tools

TRU Intelligence Center

Case Studies and Customer Testimonials

Get Started →

The Proven Choice for
Managed Detection and Response

Sales and
Customer Support