CVERadar

CVE-2024-41713

Critical Severity
Vendor: Mitel
SVRS: 82/100
CVSSv3: 9.1/10
EPSS: 0.93962/1

CVE-2024-41713 is a critical path traversal vulnerability in Mitel MiCollab's NuPoint Unified Messaging (NPM) component. This unauthenticated vulnerability allows attackers to gain unauthorized access to sensitive data. The SOCRadar Vulnerability Risk Score (SVRS) of 82 indicates this is a critical vulnerability requiring immediate action. An attacker exploiting CVE-2024-41713 can view, corrupt, or delete user data and system configurations, leading to significant operational disruption and data breaches. Given active exploits are available and it is listed in the CISA KEV catalog, organizations using affected Mitel MiCollab versions must prioritize patching. The lack of input validation in NPM exposes systems to path traversal attacks, emphasizing the need for robust security measures. This vulnerability's severity is compounded by its ease of exploitation and the potential for widespread damage.

In The Wild
Exploit Available
CISA KEV
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
2024-10-21

2025-01-11
SOCRadar
AI Insight

Description

CVE-2024-41713 describes a vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab versions up to 9.8 SP1 FP2 (9.8.1.201). This vulnerability allows an unauthenticated attacker to perform a path traversal attack by exploiting insufficient input validation. A successful attack could grant unauthorized access, enabling the attacker to view, modify, or delete user data and system configurations.

The SVRS for this vulnerability is 40. While this score is below the critical threshold of 80, the vulnerability is still considered significant given the potential impact and the fact it is being actively exploited "In The Wild."

Key Insights

  • Unauthenticated Access: The vulnerability does not require the attacker to have any prior credentials or authentication, making it easily exploitable.
  • Path Traversal: Attackers can manipulate input to access and modify files outside intended directories, potentially gaining access to sensitive data or even executing malicious code.
  • Data Corruption and Deletion: The vulnerability allows attackers to modify or delete user data and system configurations, potentially causing significant disruption and data loss.
  • Active Exploitation: The "In The Wild" tag indicates that this vulnerability is being actively exploited by hackers. This signifies a heightened risk as attackers are using the vulnerability to compromise systems.

Mitigation Strategies

  • Patching: The most effective mitigation strategy is to immediately patch the vulnerable NuPoint Unified Messaging component in Mitel MiCollab to the latest version, which addresses the vulnerability.
  • Input Validation: Implement strict input validation measures for all user inputs and data processing to prevent attackers from manipulating paths and accessing unauthorized data.
  • Network Segmentation: Isolating vulnerable systems and networks can help limit the impact of a successful attack, preventing the attacker from spreading laterally and accessing other sensitive systems.
  • Security Awareness Training: Educate users about the risks of clicking suspicious links and downloading files from untrusted sources to reduce the likelihood of falling victim to phishing attacks that exploit vulnerabilities.

Indicators of Compromise

No IOCs found for this CVE

Exploits

Title | Software Link | Date
zxj-hub/CVE-2024-41713POC | https://github.com/zxj-hub/CVE-2024-41713POC | 2024-12-21
Mitel MiCollab Path Traversal Vulnerability | https://www.cisa.gov/search?g=CVE-2024-41713 | 2025-01-07

News

ISC StormCast for Friday, December 6th, 2024
Dr. Johannes B. Ullrich, 2024-12-06
Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. BEC Step by Step; Mitel MiCollab PoC; Lorex Camera, HPE Aruba Vuln.
Business E-Mail Compromise: https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Business%20Email%20Compromise/31474
Where There's Smoke, There's Fire - Mitel MiCollab CVE-2024-35286, CVE-2024-41713 And An 0day: https://labs.watchtowr.com/where-theres-smoke-theres-fire-mitel-micollab-cve-2024-35286-cve-2024-41713-and-an-0day/ https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0029
Lorex 2K Indoor
sans.edu

Mitel MiCollab Vulnerabilities: CVE-2024-35286 and CVE-2024-41713 | UpGuard
2025-01-15
Learn how to detect SQL injection and path traversal vulnerabilities across your infrastructure.
upguard.com

Week in review: Exploited Ivanti Connect Secure zero-day, Patch Tuesday forecast - Help Net Security
2025-01-12
News Content: Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Ivanti Connect Secure zero-day exploited by attackers (CVE-2025-0282) Ivanti has fixed two vulnerabilities affecting Ivanti Connect Secure, Policy Secure and ZTA gateways, one of which (CVE-2025-0282) has been exploited as a zero-day by attackers to compromise Connect Secure VPN appliances. January 2025 Patch Tuesday forecast: Changes coming in cybersecurity guidance Microsoft released a small set of updates that only applied
google.com

Mitel systems under attack again
Editorial staff, 2025-01-09
The US Cybersecurity and Infrastructure Security Agency (CISA) issued an alert last Tuesday, highlighting that two recently identified critical vulnerabilities in the Mitel MiCollab enterprise collaboration platform are being exploited in attacks. The flaws, tracked as CVE-2024-41713 and CVE-2024-55550, pose a significant risk to systems that have not been updated. In September […]
cisoadvisor.com.br

Telecom Ransomware Attack Expends Globally, UN Data Breach, Cybersecurity Safety Label Launch, Telegram Caves In after Durov Arrest - substack.com
2025-01-08
News Content: Breaking Down the Latest Global Cybersecurity Threats and Trends across telecom, IoT safety and the caving of Telegram Good Morning Security Gang! Welcome to another episode of the CyberHub Podcast, your trusted source for the latest cybersecurity news and analysis. Today is
google.com

CISA Warns of Three Vulnerabilities Actively Exploited in Attacks
Guru Baran, 2025-01-08
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding three critical vulnerabilities that are currently being exploited in the wild. These vulnerabilities affect Mitel MiCollab and Oracle WebLogic Server systems, posing significant risks to organizations and federal agencies. Mitel MiCollab Vulnerabilities Two of the vulnerabilities impact Mitel MiCollab, a widely used […]
cybersecuritynews.com

CVE-2024-41713 | Mitel MiCollab up to 9.8.1.201 NuPoint Unified Messaging path traversal (misa-2024-0029)
vuldb.com, 2025-01-08
A vulnerability was found in Mitel MiCollab up to 9.8.1.201. It has been rated as critical. Affected by this issue is some unknown functionality of the component NuPoint Unified Messaging. The manipulation leads to path traversal. This vulnerability is handled as CVE-2024-41713. The attack may be
vuldb.com

Social Media

CVE-2024-41713 Authentication Bypass Leading to Arbitrary File Read in Mitel MiCollab First, the authentication Bypass and SQL Injection vulnerabilities discovered, and the vulnerability was disclosed to Mitel PSIRT. By using this flaw, a path traversal attack could be done https://t.co/1Q1ke1wEyO

CISA has flagged 3 actively exploited vulnerabilities—two in Mitel MiCollab and one in Oracle WebLogic Server. ⤷ CVE-2024-41713: Remote access via path traversal. ⤷ CVE-2024-55550: Exploited by attackers with admin privileges. ⤷ CVE-2020-2883: A high-severity https://t.co/LLRdxGWrxT

2/9 CVE-2024-41713 in Mitel MiCollab allows unauthenticated access. Could lead to data breaches. #CyberVulnerability #DataSecurity 🔓

@SecurityWeek •CISA has warned that two recently disclosed path traversal vulnerabilities in the Mitel MiCollab collaboration platform have been exploited in attacks. •The two security defects, tracked as CVE-2024-41713 and CVE-2024-55550, are described as path traversal issues that impact

CISA has flagged 3 actively exploited vulnerabilities—two in Mitel MiCollab and one in Oracle WebLogic Server. ⤷ CVE-2024-41713: Remote access via path traversal. ⤷ CVE-2024-55550: Exploited by attackers with admin privileges. ⤷ CVE-2020-2883: A high-severity vulnerability in https://t.co/Ci6amPEJgr

CISA has flagged 3 actively exploited vulnerabilities—two in Mitel MiCollab and one in Oracle WebLogic Server. ⤷ CVE-2024-41713: Remote access via path traversal. ⤷ CVE-2024-55550: Exploited by attackers with admin privileges. ⤷ CVE-2020-2883: A... https://t.co/poJ4iEVyja

🛡️ We added #Oracle WebLogic & #Mitel MiCollab vulnerabilities, CVE-2020-2883, CVE-2024-41713 & CVE-2024-55550, to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/dOIn6I9vuB & apply mitigations to protect your org from cyberattacks. #Cybersecurity #InfoSec https://t.co/Rvw0aYaPGy

CISACyber RT: 🛡️ We added #Oracle WebLogic & #Mitel MiCollab vulnerabilities, CVE-2020-2883, CVE-2024-41713 & CVE-2024-55550, to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/OGvjfzn7HJ & apply mitigations to protect your org from cy… https://t.co/i0ts4glIsh

🚨 New #FortiGuardLabs Outbreak Alert: Security vulnerabilities in Mitel MiCollab have been uncovered, including CVE-2024-35286, CVE-2024-41713, and an arbitrary file read zero-day ⮕ https://t.co/KMeN9xWHti https://t.co/rcmldpKPmq

#ThreatProtection #CVE-2024-41713 - Authentication Bypass #vulnerability in Mitel MiCollab read more about Symantec's protection: https://t.co/0DwxW7FKBS

Affected Software

Configuration 1
Type | Vendor | Product
App | Mitel | micollab

References

Reference | Link
[email protected] | https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-misa-2024-0029

CWE Details

CWE ID | CWE Name | Description
CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory.
