CISA says Oracle and Mitel have critical security flaws being exploited

zeeforce
3 Min Read




  • CISA addS three new bugs to KEV – two in Mitel’s MiCollab, and one in Oracle WebLogic Server
  • The bugs allowed crooks to read sensitive files and take over vulnerable endpoints
  • Federal agencies have until late January 2025 to deploy the patch

The US Cybersecurity and Infrastructure Security Agency (CISA) HAS added three new flaws to its Exploited Vulnerabilities Catalog (KEV), signalling in-the-wild abuse, and giving federal agencies a deadline to patch things up.

Two of the three flaws are found in Mitel’s MiCollab unified communications platform. One is a critical path traversal vulnerability, tracked as CVE-2024-41713.



Source link

Share This Article
Leave a comment
Optimized by Optimole
Verified by MonsterInsights