Skip to main content

Evidence of chained exploitation of path traversal vulnerabilities affecting Mitel MiCollab following public release of proof-of-concept code

Threat ID:CC-4588
Threat Severity:High
Published:11 December 2024 4:09 PM

Summary

Evidence of chained exploitation of path traversal vulnerabilities affecting Mitel MiCollab following public release of proof-of-concept code  

Affected platforms

The following platforms are known to be affected:

Threat details

Exploitation in the wild of vulnerabilities CVE-2024-41713 and CVE-2024-5550

Technical analysis and proof-of-concept (PoC) exploit code of the vulnerabilities CVE-2024-41713 and CVE-2024-55550 have been published by researchers.  Immediately following the public release of a PoC there have been reports of exploitation attempts in the wild. Organisations are required to update as soon as practicable.


Introduction

After proof-of-concept technical details were published on 5 December 2024 for CVE-2024-41713 and CVE-2024-55550, exploitation activity chaining these two Mitel MiCollab vulnerabilities has been reported. 

MiCollab is a cloud-based platform that integrates chat, voice, video, and SMS messaging for teams.



Vulnerability details

  • CVE-2024-41713 is a vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab and has a CVSSv3 score of 9.8. Successful exploitation could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input validation, leading to access to provisioning information including non-sensitive user and network information and perform unauthorised administrative actions on the MiCollab Server. This vulnerability was reported in Cyber Alert CC-4561, but it was not reported as exploited at the time of publication.

 

  • CVE-2024-55550 is a path traversal vulnerability in MiCollab could allow an authenticated attacker with administrative privilege to conduct a local file read within the system due to insufficient input sanitization. A successful exploit could allow the authenticated admin attacker to access resources that are constrained to the admin access level, and the disclosure is limited to non-sensitive system information. This vulnerability does not allow file modification or privilege escalation. The exposure is substantially mitigated by applying the available remediation for CVE-2024-41713 and the vulnerability severity is rated as low. 

Remediation advice

Affected organisations must review the following Mitel Product Security Advisory MISA-2024-0029 for more information and update to MiCollab 9.8 SP2 (9.8.2.12) or later. 

Remediation steps

   
Patch

MiCollab Path Traversal Vulnerability | MISA-2024-0029


https://www.mitel.com/en-gb/support/security-advisories/mitel-product-security-advisory-misa-2024-0029

Definitive source of threat updates

CVE Vulnerabilities

StatusPublished
CVE-2024-41713A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the attacker to view, corrupt, or delete users' data and system configurations.
StatusPublished
CVE-2024-55550Mitel MiCollab through 9.8 SP2 could allow an authenticated attacker with administrative privilege to conduct a local file read, due to insufficient input sanitization. A successful exploit could allow the authenticated admin attacker to access resources that are constrained to the admin access level, and the disclosure is limited to non-sensitive system information. This vulnerability does not allow file modification or privilege escalation.

Last edited: 12 December 2024 10:25 am

Back to top