Today's cybersecurity headlines are brought to you by ThreatPerspective


Ethical Hacking News

CISA Flags Critical Vulnerabilities in Mitel and Oracle Systems Amid Active Exploitation: A Growing Concern for Cybersecurity



A growing concern for cybersecurity has been raised by the recent addition of three critical vulnerabilities impacting Mitel MiCollab and Oracle WebLogic Server. Learn more about this developing story and how organizations can take steps to secure their systems.

  • Three critical vulnerabilities were added to CISA's KEV catalog: CVE-2024-41713, CVE-2024-55550, and CVE-2020-2883.
  • CVE-2024-41713 and CVE-2024-55550 are path traversal vulnerabilities in Mitel MiCollab: the first grants unauthenticated access, the second lets an authenticated administrator read local files.
  • CVE-2020-2883 is a security vulnerability in Oracle WebLogic Server that can be exploited by unauthenticated attackers via IIOP or T3.
  • The twin flaws in Mitel MiCollab could be chained together to allow an attacker to read arbitrary files on the server.
  • FCEB agencies are required to apply updates by January 28, 2025, to mitigate this risk (Binding Operational Directive 22-01).



    The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three critical vulnerabilities impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities are: CVE-2024-41713 (CVSS score: 9.1), a path traversal vulnerability in Mitel MiCollab that could allow an attacker to gain unauthorized and unauthenticated access; CVE-2024-55550 (CVSS score: 4.4), a path traversal vulnerability in Mitel MiCollab that could allow an authenticated attacker with administrative privileges to read local files within the system due to insufficient input sanitization; and CVE-2020-2883 (CVSS score: 9.8), a security vulnerability in Oracle WebLogic Server that could be exploited by an unauthenticated attacker with network access via IIOP or T3.

    The twin flaws, CVE-2024-41713 and CVE-2024-55550, emerged last month following a report from WatchTowr Labs, which discovered the issues as part of its efforts to replicate another critical bug in Mitel MiCollab (CVE-2024-35286, CVSS score: 9.8) that was patched in May 2024. The discovery highlights the ongoing threat posed by vulnerabilities in widely used software applications.

    CVE-2020-2883, by contrast, is an old flaw: Oracle itself warned in late April 2020 of attempts to maliciously exploit it, so its appearance in the KEV catalog reflects continued targeting of unpatched WebLogic instances rather than a new discovery. Because the bug is reachable by an unauthenticated attacker with network access over the IIOP and T3 protocols, any WebLogic listen port exposed to an untrusted network is in scope, and restricting those protocols at the network boundary is a sensible interim control where patching is delayed.

    The two MiCollab flaws are more dangerous together than apart. CVE-2024-55550 on its own requires an authenticated administrator, but CVE-2024-41713 supplies unauthenticated access, so chaining them permits an unauthenticated, remote attacker to read arbitrary files on the server. Organizations that deferred CVE-2024-55550 on the strength of its 4.4 CVSS score should treat the pair as a single high-severity issue.
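    Both MiCollab CVEs are path traversal bugs, and the page attributes CVE-2024-55550 to insufficient input sanitization. The Python below is an illustration added to this article, not code from Mitel, watchTowr Labs or The Hacker News: it shows the generic failure mode next to a hardened resolver. The naive handler looks for a literal `..` in the still-encoded request value, so `%2e%2e/` slips through and decodes to `../` afterwards; the hardened one decodes first, canonicalises, and then checks that the result is still under the document root. The root `/opt/app/public` and the probe paths are constructed for the example and are not MiCollab paths.

```python
import posixpath
from typing import Optional
from urllib.parse import unquote

# Hypothetical document root for the illustration (an assumption, not a MiCollab path).
WEB_ROOT = "/opt/app/public"


def resolve_naive(root: str, requested: str) -> Optional[str]:
    """Insufficient sanitization: look for a literal '..' in the raw request value.

    The check runs before the framework percent-decodes the path, so '%2e%2e/'
    passes the filter and only becomes '../' afterwards. Returns the path the
    handler would open, or None if the filter blocked the request.
    """
    if ".." in requested:
        return None
    decoded = unquote(requested)  # decoding happens after the check: too late
    return posixpath.normpath(posixpath.join(root, decoded.lstrip("/")))


def resolve_safe(root: str, requested: str) -> Optional[str]:
    """Decode first, canonicalise, then verify the result still lies under root.

    Returns the contained path, or None if the request is rejected.
    """
    decoded = unquote(requested)
    if unquote(decoded) != decoded:  # still changes on a second pass: double encoding
        return None
    if "\x00" in decoded or "\\" in decoded:  # NUL truncation, backslash separators
        return None
    root_norm = posixpath.normpath(root)
    candidate = posixpath.normpath(posixpath.join(root_norm, decoded.lstrip("/")))
    # Lexical containment: the longest common prefix of root and candidate must be root.
    if posixpath.commonpath([root_norm, candidate]) != root_norm:
        return None
    # In a real handler, follow this with os.path.realpath() on the opened file and
    # repeat the containment check, so a symlink under root cannot point outside it.
    return candidate


# Constructed request paths: two legitimate ones and three traversal variants.
PROBES = [
    "index.html",
    "css/../index.html",
    "../../../etc/passwd",
    "%2e%2e/%2e%2e/%2e%2e/etc/passwd",
    "%252e%252e/%252e%252e/etc/passwd",
]


def compare(root: str = WEB_ROOT, probes=PROBES) -> dict:
    """Map each probe to (naive result, hardened result) for side-by-side review."""
    return {p: (resolve_naive(root, p), resolve_safe(root, p)) for p in probes}


if __name__ == "__main__":
    for probe, (naive, safe) in compare().items():
        print(f"{probe:36} naive={str(naive):32} safe={safe}")
```

    Two things stand out when the table is printed: the crude filter lets the encoded `%2e%2e/` probe resolve to `/etc/passwd` while it rejects the harmless `css/../index.html`, whereas the containment check gets both right. The check is deliberately lexical (pure `posixpath`) so it runs without touching disk; in production, add the `realpath` step noted in the comment.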

    Pursuant to Binding Operational Directive (BOD) 22-01, Federal Civilian Executive Branch (FCEB) agencies are required to apply the necessary updates by January 28, 2025. Organizations outside the federal government are not bound by the directive, but KEV inclusion means exploitation is already occurring, so the same three-week window is a reasonable internal deadline.
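    One concrete way to act on a KEV addition, whether or not BOD 22-01 binds you, is to diff the catalog feed against your own asset inventory and compute how long remains before each due date. The script below is an added example, not from CISA or the original article. It embeds a constructed excerpt in the shape of CISA's published KEV JSON feed (real field names; three entries mirroring the additions reported above, with the descriptive text fields shortened and illustrative rather than verbatim) and a made-up three-host inventory, so it runs offline. Swap `KEV_SAMPLE` for the downloaded feed and `INVENTORY` for an asset-database export.

```python
import json
from datetime import date

# Constructed excerpt in the shape of CISA's KEV JSON feed. Field names match the
# published feed; the three entries mirror the additions the article reports, with
# the descriptive text fields shortened and illustrative rather than verbatim.
KEV_SAMPLE = json.dumps({
    "title": "CISA Catalog of Known Exploited Vulnerabilities",
    "catalogVersion": "2025.01.07",
    "vulnerabilities": [
        {"cveID": "CVE-2024-41713", "vendorProject": "Mitel", "product": "MiCollab",
         "vulnerabilityName": "Mitel MiCollab Path Traversal Vulnerability",
         "dateAdded": "2025-01-07", "dueDate": "2025-01-28",
         "requiredAction": "Apply mitigations per vendor instructions.",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2024-55550", "vendorProject": "Mitel", "product": "MiCollab",
         "vulnerabilityName": "Mitel MiCollab Path Traversal Vulnerability",
         "dateAdded": "2025-01-07", "dueDate": "2025-01-28",
         "requiredAction": "Apply mitigations per vendor instructions.",
         "knownRansomwareCampaignUse": "Unknown"},
        {"cveID": "CVE-2020-2883", "vendorProject": "Oracle", "product": "WebLogic Server",
         "vulnerabilityName": "Oracle WebLogic Server Unspecified Vulnerability",
         "dateAdded": "2025-01-07", "dueDate": "2025-01-28",
         "requiredAction": "Apply mitigations per vendor instructions.",
         "knownRansomwareCampaignUse": "Unknown"},
    ],
})

# Constructed asset inventory: (hostname, vendor, product) as an asset database might export it.
INVENTORY = [
    ("uc-01.example.internal", "Mitel", "MiCollab"),
    ("app-07.example.internal", "Oracle", "WebLogic Server"),
    ("db-02.example.internal", "Oracle", "Database Server"),  # not in the sample: no match
]


def kev_exposure(kev_json: str, inventory, today_iso: str) -> list:
    """Return one row per (host, KEV entry) match, soonest due date first.

    today_iso is an ISO date string (YYYY-MM-DD). Vendor and product are compared
    case-insensitively. days_left is negative once the BOD 22-01 due date has
    passed, and overdue is then True.
    """
    today = date.fromisoformat(today_iso)
    catalog = json.loads(kev_json)["vulnerabilities"]
    rows = []
    for host, vendor, product in inventory:
        for entry in catalog:
            if entry["vendorProject"].lower() != vendor.lower():
                continue
            if entry["product"].lower() != product.lower():
                continue
            due = date.fromisoformat(entry["dueDate"])
            rows.append({
                "host": host,
                "cve": entry["cveID"],
                "name": entry["vulnerabilityName"],
                "added": entry["dateAdded"],
                "due": entry["dueDate"],
                "days_left": (due - today).days,
                "overdue": due < today,
            })
    rows.sort(key=lambda r: (r["days_left"], r["cve"], r["host"]))
    return rows


if __name__ == "__main__":
    for row in kev_exposure(KEV_SAMPLE, INVENTORY, date.today().isoformat()):
        flag = "OVERDUE" if row["overdue"] else f"{row['days_left']}d left"
        print(f"{row['host']:26} {row['cve']:16} due {row['due']} ({flag})")
```

    Exact vendor/product matching is deliberate: the feed's `vendorProject` and `product` strings are not normalized across entries, so a production version usually needs a small alias table mapping your inventory's product names onto the catalog's spellings rather than fuzzy matching, which tends to produce false positives on common words like "Server".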

    The addition of these three vulnerabilities to the KEV catalog is a reminder that exploited flaws are not always new ones: one of the three dates from 2020. Organizations should prioritize patches for KEV-listed software ahead of the broader backlog and confirm that affected systems are not directly reachable from untrusted networks while updates are pending.



    Related Information:

  • https://thehackernews.com/2025/01/cisa-flags-critical-flaws-in-mitel-and.html

  • https://www.cisa.gov/news-events/alerts/2025/01/07/cisa-adds-three-known-exploited-vulnerabilities-catalog

  • https://nvd.nist.gov/vuln/detail/CVE-2024-41713

  • https://www.cvedetails.com/cve/CVE-2024-41713/

  • https://nvd.nist.gov/vuln/detail/CVE-2024-55550

  • https://www.cvedetails.com/cve/CVE-2024-55550/

  • https://nvd.nist.gov/vuln/detail/CVE-2020-2883

  • https://www.cvedetails.com/cve/CVE-2020-2883/

  • https://nvd.nist.gov/vuln/detail/CVE-2024-35286

  • https://www.cvedetails.com/cve/CVE-2024-35286/


  • Published: Wed Jan 8 00:26:59 2025 by llama3.2 3B Q4_K_M


    © Ethical Hacking News . All rights reserved.
