U.S. CISA adds Oracle WebLogic Server and Mitel MiCollab flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

Security researchers reveal a #zeroday vulnerability in #Mitel #MiCollab

The vulnerability does not currently have a tracking number, nor does it have a patch. When exploited, an attacker can gain access to sensitive system files without authentication.

Administrators are advised to limit access to MiCollab to trusted IPs, implement firewall rules, monitor logs for suspicious activity, and/or disable the ReconcileWizard feature.

#cybersecurity #vulnerabilitymanagement

https://www.bleepingcomputer.com/news/security/mitel-micollab-zero-day-flaw-gets-proof-of-concept-exploit/

Mitel MiCollab zero-day flaw gets proof-of-concept exploit

Researchers have uncovered an arbitrary file read zero-day in the Mitel MiCollab collaboration platform, allowing attackers to access files on a server's filesystem.

BleepingComputer

#BSI WID-SEC-2024-3141: [NEW] [high] #Mitel #MiCollab: Multiple vulnerabilities

A remote, anonymous attacker can exploit multiple vulnerabilities in Mitel MiCollab to manipulate files, bypass security measures, conduct phishing attacks, and disclose confidential information.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3141

Warn- und Informationsdienst

#BSI WID-SEC-2024-1710: [NEW] [high] #Mitel #MiCollab: Multiple vulnerabilities

A local attacker can exploit multiple vulnerabilities in Mitel MiCollab to escalate their privileges or execute code.

https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1710

Warn- und Informationsdienst

#Micollab, the app from the #mitel solution used in our government agencies, reportedly embeds trackers linked to Tencent and WeChat?
https://reports.exodus-privacy.eu.org/fr/reports/111806/
@exodus
εxodus