Actively exploited VOIP platform
Security flaws in Mitel MiCollab (CVE-2024-35286, CVE-2024-41713, and an arbitrary file read zero-day still without a CVE number) have been found, putting many organizations at risk. These vulnerabilities allow attackers to bypass authentication and access files on affected servers, revealing sensitive information that could expose organizations to serious security risks.
Common Vulnerabilities and Exposures
Background
Mitel MiCollab is a popular solution that combines voice calling, video calling, chat, file sharing, screen sharing, and more into one platform for enterprise communications.
- A SQL injection vulnerability, CVE-2024-35286, has been identified in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab which, if successfully exploited, could allow a malicious actor to conduct a SQL injection attack.
- A path traversal vulnerability, CVE-2024-41713, in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input validation.
- An arbitrary file read zero-day, without a CVE number. The zero-day can only be exploited by authenticated attackers.
A recently released Proof-of-Concept (PoC) exploit demonstrates how attackers can chain these vulnerabilities to compromise systems and steal sensitive data from organizations.
Latest Development
Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered.
Mitel has released fixes for the vulnerabilities (CVE-2024-35286 and CVE-2024-41713). Organizations that have not implemented the latest patch are advised to do so immediately and monitor vendor advisories for further patch releases and information.
- January 07, 2025: CVE-2024-41713 Mitel MiCollab Path Traversal Vulnerability added to CISA Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
  https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- December 10, 2024: FortiGuard released Threat Signal Report
  https://www.fortiguard.com/threat-signal-report/5599/mitel-micollab-unauthorized-access-cve-2024-35286-cve-2024-41713
- October 09, 2024: Mitel Product Security Advisory MISA-2024-0029 MiCollab Path Traversal Vulnerability
  https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0029
- May 23, 2024: Mitel Product Security Advisory 24-0014 MiCollab SQL Injection Vulnerability
  https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0014
FortiGuard Cybersecurity Framework
Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services.
- Lure
- Decoy VM
- IPS
- Web App Security
- IOC
- Outbreak Detection
- Threat Hunting
- Automated Response
- Assisted Response Services
- NOC/SOC Training
- End-User Training
- Vulnerability Management
- Attack Surface Monitoring (Inside & Outside)
- Attack Surface Hardening
Threat Intelligence
Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities.
References
Sources of information in support and relation to this Outbreak and vendor.