Report a cybercrime, cyber security incident or vulnerability.
Report

What are you looking for?

You can search for keywords to find pages that can help you e.g. scam
First published: 09 Dec 2024
Last updated: 09 Dec 2024

Content written for

Small & medium business
Large organisations & infrastructure
Government

This alert is intended for the technical staff and systems administrator/s within affected organisations.

Background / What has happened?

The ASD’s ACSC is tracking multiple vulnerabilities in Mitel MiCollab collaboration software. The vulnerabilities identified are SQL injection and Authentication Bypass/Path Traversal, which may allow access to sensitive content.

We have assessed that there is significant exposure to the Mitel MiCollab vulnerabilities in Australia and that any exploitation would have significant impact to Australian systems and networks.

CVE-2024-35286

A security flaw in NuPoint Messenger within Mitel MiCollab versions up to 9.8.0.33 permits an unauthenticated attacker to launch a SQL injection attack due to improper sanitization of user input. Exploiting this vulnerability could enable the attacker to retrieve sensitive information and execute unauthorised database and management commands.

CVE-2024-41713

A vulnerability in the NuPoint Unified Messaging component of Mitel MiCollab, up to version 9.8 SP1 FP2 (9.8.1.201), allows an unauthenticated attacker to execute a path traversal attack due to insufficient input validation. Successful exploitation could provide unauthorised access, enabling the attacker to view, alter, or delete user data and system configurations.

Mitigation / How do I stay secure?

  • Investigate systems to determine if at risk.
  • Upgrade to the latest version if possible.
  • While assessing and determining your ability to apply patches, you may consider the following:
    • Implement ACLs or firewall policies to limit access to the MiCollab server to trusted IP ranges or internal networks only.
    • Monitor logs for suspicious activity targeting the ReconcileWizard servlet or path traversal patterns.
    • Monitor for unexpected access to sensitive files or configuration data.
    • If feasible, disable or restrict access to the ReconcileWizard servlet.
  • Monitor vendor advisories for further patch releases and information.

Mitel Security Advisories:

If suspicious activity is detected, notify ASD’s ACSC via cyber.gov.au or 1300 CYBER1 (1300 292 371).

Assistance / Where can I go for help?

The ASD’s ACSC is monitoring the situation and is able to provide assistance and advice as required. Organisations or individuals that have been impacted or require assistance can contact us via 1300 CYBER1 (1300 292 371).

Was this information helpful?

Thanks for your feedback!

Optional

Tell us why this information was helpful and we’ll work on making more pages like it