Advisories address two critical vulnerabilities, two high and one other

Threat ID:CC-4561

Threat Severity:Medium

Published:10 October 2024 2:30 PM

Summary

Affected platforms

The following platforms are known to be affected:

Versions: 9.8 SP1 FP2 (9.8.1.201) and earlier

Mitel MiCollab

Threat details

Some of the advice in this article is outdated and organisations should refer to CC-4588

After proof-of-concept technical details were published on 5 December 2024 for CVE-2024-41713 and CVE-2024-55550, exploitation activity chaining these two Mitel MiCollab vulnerabilities was reported. NHS England's National CSOC issued high severity Cyber Alert CC-4588 in response. Affected organisations must review the following Mitel Product Security Advisory MISA-2024-0029 for more information and update to MiCollab 9.8 SP2 (9.8.2.12) or later.

Introduction

Mitel has released security advisories addressing multiple vulnerabilities in MiCollab. MiCollab is a cloud-based platform that integrates chat, voice, video, and SMS messaging for teams.

CVE-2024-41713 is a vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab and has a CVSSv3 score of 9.8. Exploitation could allow an unauthenticated attacker to conduct path traversal due to insufficient input validation.

CVE-2024-47223 is a vulnerability in the Audio, Web and Video Conferencing (AWV) component of Mitel MiCollab and has a CVSSv3 score of 9.4. Exploitation could allow an unauthenticated attacker to conduct SQL injection due to insufficient sanitisation of user input.

Two further vulnerabilities rated as high severity, and one medium severity could lead to authentication bypass, SQL injection or CRLF injection.

Threat updates


12 Dec 2024	CVE-2024-41713 exploited in the wild -- high severity Cyber Alert CC-4588 issued

Remediation advice

Affected organisations are encouraged to review the following Mitel Security Advisories for more information.

Remediation steps


Patch	MiCollab Path Traversal Vulnerability \| MISA-2024-0029 https://www.mitel.com/en-gb/support/security-advisories/mitel-product-security-advisory-misa-2024-0029
Patch	MiCollab SQL Injection Vulnerability \| MISA-2024-0028 https://www.mitel.com/en-gb/support/security-advisories/mitel-product-security-advisory-misa-2024-0028
Patch	MiCollab Authentication Bypass Vulnerability \| MISA-2024-0027 https://www.mitel.com/en-gb/support/security-advisories/mitel-product-security-advisory-misa-2024-0027
Patch	MiCollab SQL Injection Vulnerability in the API Interface \| MISA-2024-0026 https://www.mitel.com/en-gb/support/security-advisories/mitel-product-security-advisory-misa-2024-0026
Patch	MiCollab CRLF Injection Vulnerability \| MISA-2024-0025 https://www.mitel.com/en-gb/support/security-advisories/mitel-product-security-advisory-misa-2024-0025

Definitive source of threat updates

https://www.mitel.com/en-gb/support/security-advisories

CVE Vulnerabilities

CVE-2024-41713

CVE-2024-47223

CVE-2024-47912

CVE-2024-47189

CVE-2024-47224

Last edited: 12 December 2024 4:23 pm