Potential Privilege Escalation Vulnerability in Mitel MiCollab

CVE-2024-35287

Summary

A vulnerability exists in the NuPoint Messenger component of Mitel MiCollab that allows an authenticated attacker with administrative privileges to exploit a privilege escalation flaw. This issue arises from the execution of a resource with unnecessary privileges within the component. When successfully exploited, attackers can execute arbitrary commands with elevated privileges, raising significant security concerns for affected systems. Users of Mitel MiCollab versions up to 9.8 SP1 are encouraged to review their security measures and the specific advisory for further insights.

References