This is an important addition to the gang's arsenal, given that Mitel Voice-over-IP (VoIP) products are used by organizations in critical sectors worldwide (including government agencies), with over 19,000 devices currently exposed to attacks over the Internet, per security expert Kevin Beaumont.
Mitel has addressed the vulnerability by releasing security patches in early June 2022 after releasing a remediation script for affected MiVoice Connect versions in April.
Makes a lot of sense as VoIP phone systems are nothing other than network devices, but are not often part of the regular IT patching and updating, yet they are all connected to the network, with wonderful "external connectivity" all of their own.
See Lorenz ransomware breaches corporate network via phone systems
The Lorenz ransomware gang now uses a critical vulnerability in Mitel MiVoice VOIP appliances to breach enterprises using their phone systems for initial access to their corporate networks.