Hosted on MSN

PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files

A proof-of-concept (PoC) exploit that strings together the two flaws, both spotted and disclosed to Mitel by watchTowr, which on Thursday published the PoC after waiting 100-plus days for the vendor ...
CSOonline

Mitel MiCollab VoIP authentication bypass opens new attack paths

Researchers released a proof-of-concept exploit for a path traversal flaw in the enterprise VoIP suite that, coupled with an arbitrary file read issue, can give attackers access to protected files, ...
heise online

US security agency warns of attacks on MiCollab and WebLogic Server

Attackers are currently targeting PCs on which Mitel MiColab or Oracle WebLogic Server is installed. In the worst case, attackers can take over systems completely. Security patches are available for ...