PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files

December 6, 2024 at 01:07AM

A zero-day arbitrary file read vulnerability in Mitel MiCollab can be chained with a previously patched authentication bypass, giving unauthenticated attackers access to sensitive files. watchTowr reported the issue to Mitel more than 100 days ago, but it remains unpatched. The vulnerability is particularly concerning given the platform's widespread use.

**Meeting Takeaways:**

1. **Vulnerability Overview**: A zero-day arbitrary file read vulnerability in Mitel MiCollab, which on its own requires authentication, can be chained with the previously patched authentication bypass CVE-2024-41713. The combination lets an unauthenticated attacker read sensitive files on affected instances.

2. **Proof-of-Concept (PoC)**: The PoC exploit, created by watchTowr, demonstrates how the two vulnerabilities can be chained together. watchTowr waited over 100 days for Mitel to issue a fix before publishing the PoC.

3. **Mitel Involvement and Response**: The Register has reached out to Mitel for comments regarding the patch for the zero-day vulnerability but has not received a response. Updates will be provided once more information is available.

4. **Mitel MiCollab Description**: MiCollab is an enterprise collaboration tool used for voice, video, chat, SMS, web conferencing, and file sharing, with over 16,000 instances globally, making it a target for cybercriminals.

5. **Previous Vulnerabilities**:
– **CVE-2024-35286**: A critical SQL injection vulnerability in the NuPoint Unified Messaging (NPM) component identified by watchTowr and patched in May.
– **CVE-2024-41713**: An authentication bypass vulnerability in the NPM component, resolved in October, which allows unauthenticated access leading to possible data manipulation.

6. **Current Status of Vulnerability**: A third flaw, an arbitrary file read vulnerability that requires authentication (a requirement the auth-bypass bug removes), is still unpatched. Mitel was contacted about this issue in August and promised a patch for December, which has not yet materialized.

7. **Concerns Raised**: watchTowr has expressed concern about the delays in addressing the arbitrary file read vulnerability, stating that the issue remains unpatched despite prior communication regarding its risks.

8. **Implications**: The ongoing vulnerabilities pose significant risks to organizations using Mitel MiCollab, particularly with the potential for unauthorized access to sensitive information.

**Action Items**:
– Follow up with Mitel for an update on the status of the patch for the zero-day vulnerability.
– Monitor Mitel’s Security Advisory page for any developments.