Critical Mitel MiCollab Flaw Exposes Systems to Unauthorized File and Admin Access

2024-12-05 14:56

Cybersecurity researchers have released a proof-of-concept (PoC) exploit that strings together a now-patched critical security flaw impacting Mitel MiCollab with an arbitrary file read zero-day, granting an attacker the ability to access files from susceptible instances. The critical vulnerability in question is CVE-2024-41713 (CVSS score: 9.8), which relates to a case of insufficient input

News URL

https://thehackernews.com/2024/12/critical-mitel-micollab-flaw-exposes.html

#critical #mitel #systems #CVE-2024-41713

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2024-10-21	CVE-2024-41713	A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation.	0.0

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Mitel		60	2	51	27	29	109

News URL

Related news

Related Vulnerability

Related vendor