Mitel Product Security Advisory 24-0023
Mitel Product Security Advisory 24-0023
MiCollab Privilege Escalation Vulnerability
Advisory ID: 24-0023
Publish Date: 2024-07-24
Last Updated: 2024-07-24
Revision: 1.0
Summary
A privilege escalation vulnerability has been identified in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab which, if successfully exploited, could allow a malicious actor to execute arbitrary commands with elevated privileges.
Mitel is recommending customers with affected product versions update to the latest release.
Affected Products
Security Bulletins are being issued for the following products:
| Product Name | Product Version | Security Bulletin | Last Updated |
|---|---|---|---|
| MiCollab | 9.8 SP1 (9.8.1.5) and earlier | 24-0023-001 | 2024-07-24 |
Risk Assessment
The risk of this vulnerability is rated as High.
Mitigation / Recommended Action
Customers are advised to update their software to the latest versions. For additional information, contact Product Support.
Related CVEs / CWEs / Advisories
CVE-2024-35287
Revision History
| Version | Date | Description |
|---|---|---|
| 1.0 | 2024-07-24 | Initial version |