U.S. Cybersecurity and Infrastructure Security Agency Adds Three Known Exploited Vulnerabilities to Catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) Adds Three Known Exploited Vulnerabilities to Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three flaws impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

The List of Vulnerabilities

The list of vulnerabilities is as follows:

• CVE-2024-41713 (CVSS score: 9.1) – A path traversal vulnerability in Mitel MiCollab that could allow an attacker to gain unauthorized and unauthenticated access.
• CVE-2024-55550 (CVSS score: 4.4) – A path traversal vulnerability in Mitel MiCollab that could allow an authenticated attacker with administrative privileges to read local files within the system due to insufficient input sanitization.
• CVE-2020-2883 (CVSS score: 9.8) – A security vulnerability in Oracle WebLogic Server that could be exploited by an unauthenticated attacker with network access via IIOP or T3.

Chaining Vulnerabilities

It’s worth noting that CVE-2024-41713 could be chained with CVE-2024-55550 to permit an unauthenticated, remote attacker to read arbitrary files on the server.

Background on the Flaws

Details about the twin flaws emerged last month following a report from WatchTowr Labs, which discovered the issues as part of its efforts to replicate another critical bug in Mitel MiCollab (CVE-2024-35286, CVSS score: 9.8) that was patched in May 2024.

Oracle’s Warning

As for CVE-2020-2883, Oracle warned in late April 2020 that it had received "reports of attempts to maliciously exploit a number of recently-patched vulnerabilities, including vulnerability CVE-2020-2883."

Real-World Attacks

There are currently no details available on how the aforementioned flaws are exploited in real-world attacks, who may be exploiting them, or the targets of these activities.

Internet-Exposed Mitel MiCollab Instances

According to data from Censys, there are more than 5,600 internet-exposed Mitel MiCollab instances as of writing, with nearly 3,000 of them located in the U.S., followed by Canada, the U.K., Australia, and the Netherlands.

Federal Agency Requirements

Pursuant to Binding Operational Directive (BOD) 22-01, Federal Civilian Executive Branch (FCEB) agencies are required to apply the necessary updates by January 28, 2025, to secure their networks.

Stay Informed

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.