Critical Zero-Day Exploit Exposed in Mitel MiCollab: Enterprise Systems at Risk

Zero-Day Vulnerability Discovered in Mitel MiCollab Platform

Security researchers at watchTowr have identified a critical zero-day vulnerability in Mitel MiCollab, a widely used enterprise collaboration platform. The flaw is an arbitrary file read that gives unauthorized access to files on the server's filesystem.

The Vulnerability
The security flaw was discovered while investigating the platform’s ‘ReconcileWizard’ servlet, where researchers found that manipulating the ‘reportName’ parameter with path traversal strings could expose sensitive system files like ‘/etc/passwd’. Despite being reported to Mitel on August 26, the vulnerability remains unpatched, with fixes planned for December 2024.

Impact and Context
Mitel MiCollab, which provides integrated communication services including voice, video, messaging, and team collaboration features, is used across various organizations from large corporations to small businesses. This vulnerability follows two recently patched flaws in the platform:
– CVE-2024-35286: SQL injection vulnerability (patched May 23)
– CVE-2024-41713: Authentication bypass issue (patched October 9)

Recommended Security Measures
Organizations using MiCollab should implement these protective measures:
1. Restrict MiCollab server access to trusted IP ranges
2. Deploy protective firewall rules
3. Monitor logs for suspicious activities
4. Consider disabling the ReconcileWizard servlet
5. Maintain updated software versions

While the zero-day remains unpatched, these security measures can help minimize potential risks until an official fix is released.
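For the log-monitoring measure, the following added example (not from watchTowr or Mitel) flags access-log entries where a ReconcileWizard request carries a 'reportName' value containing a path traversal sequence, including percent-encoded and double-encoded forms. It assumes a common/combined-format web access log with the parameter visible in the query string; the sample lines, the "/APP-PATH/" placeholder and the function names are constructed for illustration.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Request line of a common/combined-format access log entry (assumed format).
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')
# ".." as a whole path segment, with either slash style.
TRAVERSAL_RE = re.compile(r'(^|[\\/])\.\.([\\/]|$)')

# Constructed sample lines; "/APP-PATH/" is a placeholder, not the product's real path.
SAMPLE = [
    '198.51.100.7 - - [05/Dec/2024:10:01:02 +0000] "GET /APP-PATH/ReconcileWizard?reportName=summary HTTP/1.1" 200 512',
    '203.0.113.9 - - [05/Dec/2024:10:02:11 +0000] "GET /APP-PATH/ReconcileWizard?reportName=../../../etc/passwd HTTP/1.1" 200 1843',
    '203.0.113.9 - - [05/Dec/2024:10:02:15 +0000] "GET /APP-PATH/ReconcileWizard?reportName=..%252f..%252fetc%252fpasswd HTTP/1.1" 200 1843',
    '198.51.100.7 - - [05/Dec/2024:10:03:00 +0000] "GET /index.html?reportName=../x HTTP/1.1" 200 99',
]


def fully_unquote(value, rounds=3):
    """Percent-decode several times so double-encoded input is normalised."""
    for _ in range(rounds):
        value = unquote(value)
    return value


def suspicious_report_name(log_line):
    """Return the decoded reportName of a ReconcileWizard request that contains traversal, else None."""
    m = REQUEST_RE.search(log_line)
    if not m:
        return None
    parts = urlsplit(m.group("target"))
    if "reconcilewizard" not in fully_unquote(parts.path).lower():
        return None
    for key, value in parse_qsl(parts.query, keep_blank_values=True):
        decoded = fully_unquote(value)
        if key.lower() == "reportname" and TRAVERSAL_RE.search(decoded):
            return decoded
    return None


def scan(lines):
    """Return (source_ip, decoded_reportName) for every suspicious line."""
    hits = [(line.split(" ", 1)[0], suspicious_report_name(line)) for line in lines]
    return [(ip, name) for ip, name in hits if name is not None]


if __name__ == "__main__":
    for ip, name in scan(SAMPLE):
        print(f"ALERT src={ip} reportName={name!r}")
```

Requests that send the parameter in a POST body will not appear in a standard access log, so pair this with WAF or reverse-proxy inspection where body logging is available.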
