December 5, 2024 at 04:31PM
Two vulnerabilities in Mitel’s MiCollab platform expose enterprise data risks. CVE-2024-35286 and CVE-2024-41713 enable unauthorized access and file reading. Attackers can exploit these flaws, especially with public MiCollab devices, posing serious threats to organizational communication and data integrity. Mitel has patched some issues, but one remains unaddressed.
### Meeting Takeaways:
1. **New Vulnerabilities in Mitel MiCollab**:
– Two vulnerabilities (CVE-2024-35286 and CVE-2024-41713) have been identified in Mitel’s MiCollab unified communications platform, risking the exposure of sensitive enterprise data.
2. **Details on Vulnerabilities**:
– **CVE-2024-35286**: A critical SQL injection vulnerability with a CVSS score of 9.8, enabling unauthorized access to business data with specific configuration requirements.
– **CVE-2024-41713**: A high-severity path traversal vulnerability (CVSS score of 7.5) allowing attackers to bypass barriers to sensitive endpoints without authentication.
3. **Proof of Concept**:
– A proof-of-concept exploit has been published that demonstrates the combination of the aforementioned vulnerabilities, aiming at accessing sensitive files within MiCollab.
4. **Exposure Risk**:
– Mayuresh Dani from Qualys noted over 10,000 publicly exposed Mitel MiCollab devices could be vulnerable, especially if the NuPoint Unified Messaging feature is enabled.
5. **Potential Attacks**:
– Attackers could gain access to critical authentication files, posing a risk of further breaches, such as acquiring sensitive communication data.
6. **Broader Trend**:
– The vulnerabilities underline a trend of targeting communication platforms to conduct cyberattacks, following similar incidents in the past, including the 2022 Mitel MiVoice Connect vulnerability.
7. **Remediation Efforts**:
– Mitel has patched the two named CVEs as of October 9, but the arbitrary file-read vulnerability remains unpatched at publication time. Organizations should ensure that their MiCollab installations are updated to mitigate these risks.
8. **Call to Action**:
– Organizations are advised to monitor and secure their systems proactively, especially in light of these vulnerabilities affecting critical communication channels.