1:00pm, 8 January 2025
Active exploitation affecting Mitel MiCollab
Two vulnerabilities affecting Mitel MiCollab are being actively exploited.
CVE-2024-41713 is an authentication bypass vulnerability that could allow an unauthenticated attacker to gain unauthorised access to the system and user data.
CVE-2024-55550 could allow an authenticated attacker with administrative privileges to conduct a local file read within the system due to insufficient input sanitisation.
An upgrade to the latest version is required.
What's happening
Systems affected
For CVE-2024-41713, the following versions are affected:
- MiCollab versions up to 9.8 SP1 FP2 (9.8.1.201)
What this means
Listed MiCollab versions are vulnerable.
A chained exploit leveraging both CVE-2024-41713 and CVE-2024-55550 could allow unauthenticated access to resources that are restricted to administrative access levels. This may allow an attacker to bypass authentication and read files containing user account information.
What to look for
How to tell if you're at risk
You are at risk if you are running a Mitel MiCollab instance within the version range listed above.
What to do
Prevention
To prevent the exploit chain, Mitel MiCollab installations need to be upgraded to:
- MiCollab 9.8 SP2 (9.8.2.12) or subsequent releases.
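To apply the "How to tell if you're at risk" and "Prevention" sections across a fleet, the following added example (not part of the advisory, not Mitel's or CERT NZ's code) compares numeric MiCollab build strings against the two boundaries stated above. It assumes the build number is available in the dotted form shown in parentheses (e.g. 9.8.1.201) and treats any build between the last listed affected release and the fix release as still needing the upgrade.

```python
import re

# Boundaries taken from the advisory (numeric builds given in parentheses).
LAST_AFFECTED = "9.8.1.201"   # MiCollab 9.8 SP1 FP2, last listed affected build
FIXED_FROM = "9.8.2.12"       # MiCollab 9.8 SP2, first release closing the chain


def parse_version(text):
    """Turn a dotted MiCollab build string such as '9.8.1.201' into a tuple of ints.
    Missing trailing components are padded with zeros, so '9.8' becomes (9, 8, 0, 0)."""
    text = text.strip()
    if not re.fullmatch(r"\d+(?:\.\d+){0,3}", text):
        raise ValueError(f"not a dotted numeric version: {text!r}")
    parts = [int(p) for p in text.split(".")]
    return tuple(parts + [0] * (4 - len(parts)))


def assess(version):
    """Classify an installed build against the advisory.

    'affected': within the range the advisory lists as vulnerable (<= 9.8.1.201)
    'fixed':    at or above the release the vendor names as the fix (>= 9.8.2.12)
    'upgrade':  between the two; not listed as affected, but below the fix release,
                so it is treated as requiring the upgrade (assumption, not advisory text)
    """
    v = parse_version(version)
    if v >= parse_version(FIXED_FROM):
        return "fixed"
    if v <= parse_version(LAST_AFFECTED):
        return "affected"
    return "upgrade"


def triage(inventory):
    """Run assess() over a {hostname: version} inventory; return hosts needing action."""
    results = {host: assess(ver) for host, ver in inventory.items()}
    return {host: status for host, status in results.items() if status != "fixed"}


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and builds are illustrative only.
    sample = {
        "micollab-01": "9.8.1.201",
        "micollab-02": "9.8.2.12",
        "micollab-03": "9.7.0.10",
        "micollab-04": "9.8.1.250",
    }
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```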
Mitigation
If you are a customer, additional mitigations are available in the KMS article found via the vendor advisory.
More information
Refer to the vendor advisory for more information.
Mitel Product Security Advisory MISA-2024-0029
If you require more information or further support, submit a report on our website or contact us on 0800 CERTNZ.