Mitel has released patches for a critical remote-exploit vulnerability in MiCollabβs NuPoint Unified Messaging component, affecting versions 9.8 SP2 and earlier. The flaw could enable attackers to access sensitive information and perform unauthorized actions, with over 20,000 exposed instances potentially at risk. #CISA #MiCollabVulnerability
Keypoints
- The vulnerability is a path traversal issue impacting MiCollab versions 9.8 SP2 and earlier.
- A patch has been released in version 9.8.3.1 and later to address the security flaw.
- Exploited remotely, the flaw can allow unauthorized access to system information and administrative privileges.
- Over 20,000 internet-exposed MiCollab instances were identified as potentially vulnerable.
- Threat actors have previously exploited similar vulnerabilities, increasing the risk for affected organizations.