Mitel News Articles
Recent news articles refferecing the vendors vulnerabilities.
Threat Intelligence | News & Insights | The Hacker News
Read the latest updates about Threat Intelligence on The Hacker News cybersecurity and information technology publication.
3 hours ago
The Hacker NewsCVE-2024-41710New Aquabot Botnet Exploits CVE-2024-41710 in Mitel Phones for DDoS Attacks
Aquabot botnet exploits CVE-2024-41710 in Mitel phones, using a public PoC to deploy DDoS malware since January 2025.
6 days ago
New Aquabotv3 botnet malware targets Mitel command injection flaw
A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones.
6 days ago
Mirai Variant ‘Aquabot’ Exploits Mitel Device Flaws
Yet another spinoff of the infamous DDoS botnet is exploiting a known vulnerability in active attacks, while its threat actors are promoting it on Telegram for other attackers to use as well, in a DDoS-as-a-service model.
1 week ago
The RegisterCVE-2024-41710Beware of DDoSes from Mirai-based botnet of Mitel phones
A new variant of the Mirai-based malware Aquabot is actively exploiting a vulnerability in Mitel phones to build a remote-controlled botnet, according to Akamai's Security Intelligence and Response Team. In...
1 week ago
Aquabot Botnet Targeting Vulnerable Mitel Phones
The Mirai-based Aquabot botnet has been targeting a vulnerability in Mitel SIP phones for which a proof-of-concept (PoC) exploit exists.
1 week ago
CISA adds Mitel and Oracle bugs to exploited vulnerabilities list
Two Mitel MiCollab bugs were added to the KEV catalog, while a patched Oracle WebLogic Server exploit is still under threat.
3 weeks ago
Mitel 0-day, 5-year-old Oracle RCE exploited in the wild
Cybercriminals are actively exploiting two vulnerabilities in Mitel MiCollab, including a zero-day flaw – and a critical remote code execution vulnerability in Oracle WebLogic Server that has been abused for...
1 month ago
The StackCVE-2024-41713CISA adds 2020 Oracle vulnerability to KEV: We hope you...
Five years after a critical Oracle WebLogic server bug was first reported exploited, CISA has added CVE-2020-2883 to its KEV catalogue.
1 month ago
Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers - Help Net Security
CISA has added Mitel MiCollab and Oracle WebLogic Server vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.
1 month ago
GBHackers NewsOracle WebLogic Vulneraiblity Actively Exploited in Cyber Attacks - CISA
CISA has issued a warning regarding the active exploitation of critical vulnerabilities in various software, vulnerabilities in Oracle WebLogic Server.
1 month ago
CISA Flags Critical Flaws in Mitel and Oracle Systems Amid Active Exploitation
CISA lists critical flaws in Mitel MiCollab (CVE-2024-41713, CVE-2024-55550) and Oracle WebLogic (CVE-2020-2883).
1 month ago
GovInfoSecurityCVE-2024-41713Mitel MiCollab VoIP Software: Zero-Day Vulnerability Alert
Security researchers warn of a newly discovered zero-day vulnerability in widely used VoIP telephony software, a discovery that comes as the United States struggles
2 months ago
PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug
A zero-day arbitrary file read vulnerability in Mitel MiCollab can be chained with a now-patched critical bug in the same platform to give attackers access to sensitive files on vulnerable instances. A...
2 months ago
PoC exploit chains Mitel MiCollab 0-day, auth-bypass bug to access sensitive files
A zero-day arbitrary file read vulnerability in Mitel MiCollab can be chained with a now-patched critical bug in the same platform to give attackers access to sensitive files on vulnerable instances. A...
2 months ago
Bypass Bug Revives Critical N-Day in Mitel MiCollab
A single barrier prevented attackers from exploiting a critical vulnerability in an enterprise collaboration platform. Now there's a workaround.
2 months ago
The Hacker NewsCVE-2024-41713Critical Mitel MiCollab Flaw Exposes Systems to Unauthorized File and Admin Access
Critical Mitel MiCollab exploit CVE-2024-41713 patched; update to prevent file access and admin misuse.
2 months ago
Help Net SecurityCVE-2024-41713Mitel MiCollab zero-day and PoC exploit unveiled - Help Net Security
A zero-day vulnerability in Mitel MiCollab can be exploited to read files containing sensitive data - and there's a PoC exploit.
2 months ago
Cyber Security NewsCVE-2024-41713Mitel MiCollab Zero-Day Vulnerability Let Attackers Bypass Authentication
Security researchers have uncovered a critical zero-day vulnerability in Mitel MiCollab, a popular unified communications solution.
2 months ago
watchTowr Labs - BlogWhere There’s Smoke, There’s Fire - Mitel MiCollab CVE-2024-35286, CVE-2024-41713 And An 0day
It is not just APTs that like to target telephone systems, but ourselves at watchTowr too. We can't overstate the consequences of an attacker crossing the boundary from the 'computer system' to the 'telephone system'. We've seen attackers realise this in 2024, with hacks against legal intercept sys...
2 months ago
CSO OnlineCVE-2024-35286Mitel MiCollab VoIP authentication bypass opens new attack paths
Researchers released a proof-of-concept exploit for a path traversal flaw in the enterprise VoIP suite that, coupled with an arbitrary file read issue, can give attackers access to protected files, among other possible attack paths.
2 months ago