CISA has warned U.S. federal agencies to secure their systems against critical vulnerabilities in Oracle WebLogic Server and Mitel MiCollab systems that are actively exploited in attacks.

CISA addS three new bugs to KEV - two in Mitel’s MiCollab, and one in Oracle WebLogic Server The bugs allowed crooks to read sensitive files and take over vulnerable endpoints Federal agencies ...

Two of the three flaws are found in Mitel’s MiCollab unified communications platform. One is a critical path traversal vulnerability, tracked as CVE-2024-41713. "A successful exploit of this ...

Cybercriminals are actively exploiting two vulnerabilities in Mitel MiCollab, including a zero-day flaw – and a critical remote code execution vulnerability in Oracle WebLogic Server that has ...

In a warning message, Mitel states that MiCollab 9.8 SP2 (9.8.2.12) is protected against the aforementioned combination attack. If attacks on Oracle WebLogic Server are successful, attackers can ...

CISA says two recently disclosed path traversal vulnerabilities in the Mitel MiCollab collaboration platform have been exploited in attacks. The US cybersecurity agency CISA on Tuesday warned that two ...

Cybercriminals are actively exploiting two vulnerabilities in Mitel MiCollab, including a zero-day flaw – and a critical remote code execution vulnerability in Oracle WebLogic Server that has been ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three flaws impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) catalog, ...

CVE-2024-41713 - A path traversal vulnerability in Mitel MiCollab that could allow an attacker to gain unauthorised and unauthenticated access. CVE-2024-55550 - A path traversal vulnerability in Mitel ...