Security News > 2025 > January > CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation
2025-01-08 04:21
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three flaws impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2024-41713 (CVSS score: 9.1) - A path traversal vulnerability in Mitel MiCollab that could allow an attacker
News URL
https://thehackernews.com/2025/01/cisa-flags-critical-flaws-in-mitel-and.html
Related news
- CISA warns of critical Oracle, Mitel flaws exploited in attacks (source)
- Critical Mitel MiCollab Flaw Exposes Systems to Unauthorized File and Admin Access (source)
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)
- Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation (source)
- CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks (source)
- Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers (source)
- CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel (source)
- CISA warns water facilities to secure HMI systems exposed online (source)
- Patch Alert: Critical Apache Struts Flaw Found, Exploitation Attempts Detected (source)
- CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List (source)