The Register

Mitel 0-day, 5-year-old Oracle RCE exploited in the wild

Government agency addS three new flaws to its KEV catalog, signaling in-the-wild abuse.

Tech Radar

Future plc

United Kingdom

CISA says Oracle and Mitel have critical security flaws being exploited

Admins should arm their systems with Mitel and Oracle software against ongoing attacks.

Admins sollten ihre Systeme mit Mitel- und Oracle-Software gegen derzeit laufende Angriffe rüsten.

US-Sicherheitsbehörde warnt vor Attacken auf MiCollab und WebLogic Server

Heise

Germany

US security agency warns of attacks on MiCollab and WebLogic Server

Media Bias/Fact Check

CISA has warned U.S. federal agencies to secure their systems against critical vulnerabilities in Oracle WebLogic Server and Mitel MiCollab systems that are actively exploited in attacks. [...]

BleepingComputer

CISA warns of critical Oracle, Mitel flaws exploited in attacks

Two Mitel MiCollab bugs were added to the KEV catalog, while a patched Oracle WebLogic Server exploit is still under threat. 

Introduction to Malware Binary Triage (IMBT) Course
Looking to level up your skills? Get 10% &hellip;

Malware Analysis, News and Indicators

CISA adds Mitel and Oracle bugs to exploited vulnerabilities list

Attackers are actively expoiting flaws in Mitel MiCollab flaws to gain unauthorized access to sensitive system files, the US Cybersecurity and Infrastructure Security Agency (CISA) has warned. On Tuesday the agency added two path traversal vulnerabilities in the widely used communication platform to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of exploitation. “These type of vulnerabilities are frequent attack vectors for m…

CSO Online

Critical Mitel, Oracle flaws find active exploitation, CISA urges patching

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three flaws impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The list of vulnerabilities is as follows 
CVE-2024-41713 (CVSS score: 9.1) - A path traversal vulnerability in Mitel MiCollab that could allow an attacker

The Hacker News

CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation

3 CVEs added to CISA's catalog Cybercriminals are actively exploiting two vulnerabilities in Mitel MiCollab, including a zero-day flaw, alongside a critical remote code execution vulnerability in Oracle WebLogic Server that has been exploited for at least five years. . . .

technewstube.com

Mitel 0-day, 5-year-old Oracle RCE bugs under active exploit

CISA has added Mitel MiCollab (CVE-2024-41713, CVE-2024-55550) and Oracle WebLogic Server (CVE-2020-2883) vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. The Mitel MiCollab vulnerabilities exploited Mitel MiCollab is a popular enterprise collaboration suite. CVE-2024-41713 and CVE-2024-55550 are both path traversal vulnerabilities. The former is exploitable without authentication, and may allow an attacker to gain access “t…

Mitel 0-day, 5-year-old Oracle RCE exploited in the wild

Coverage Details

Bias Distribution

Ownership

Similar News Topics

Similar News Topics