Pierluigi Paganini January 08, 2025

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Oracle WebLogic Server and Mitel MiCollab flaws to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Oracle WebLogic Server and Mitel MiCollab vulnerabilities, to its Known Exploited Vulnerabilities (KEV) catalog.

Below are the descriptions for the vulnerabilities added to the catalog:

CVE-2020-2883 (CVSS score 9.8) is a vulnerability in Oracle WebLogic Server (versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0). An unauthenticated attacker with network access via IIOP, T3 can exploit the issue to compromise Oracle WebLogic Server.

“This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle WebLogic. Authentication is not required to exploit this vulnerability.” reported the advisory published by ZDI. “The specific flaw exists within the handling of the T3 protocol. Crafted data in a T3 protocol message can trigger the deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process.”

CVE-2024-41713 (CVSS score 9.8) is a Path Traversal Vulnerability in Mitel MiCollab (up to 9.8 SP1 FP2). Mitel MiCollab has a NuPoint Unified Messaging vulnerability enabling unauthenticated path traversal attacks, risking data and configuration integrity.

“A path traversal vulnerability, CVE-2024-41713, in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab could allow an unauthenticated attacker to conduct a path traversal attack due to insufficient input validation. A successful exploit of this vulnerability could allow an attacker to gain unauthorized access, with potential impacts to the confidentiality, integrity, and availability of the system. This vulnerability is exploitable without authentication.” reads the advisory. “If the vulnerability is successfully exploited, an attacker could gain unauthenticated access to provisioning information including non-sensitive user and network information and perform unauthorized administrative actions on the MiCollab Server. The vulnerability severity is rated as critical. “

CVE-2024-55550 (CVSS score 9.8) is a Path Traversal Vulnerability in Mitel MiCollab (up to 9.8 SP2). The vulnerability allows authenticated admin attackers to read local files. Exploitation is limited to non-sensitive data.

“A path traversal vulnerability, CVE-2024-55550, in Mitel MiCollab could allow an authenticated attacker with administrative privilege to conduct a local file read within the system due to insufficient input sanitization.” reads the advisory.

According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.

Experts also recommend private organizations review the Catalog and address the vulnerabilities in their infrastructure.

CISA orders federal agencies to fix this vulnerability by January 28, 2025.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, CISA Known Exploited Vulnerabilities catalog)