The US Cybersecurity and Infrastructure Security Agency (CISA) has added three critical vulnerabilities impacting Mitel MiCollab and Oracle WebLogic Server to its Known Exploited Vulnerabilities (KEV) catalog.
The newly added vulnerabilities are CVE-2024-41713, a path traversal vulnerability in Mitel MiCollab that allows an attacker to gain unauthorized and unauthenticated access, and CVE-2024-55550, another path traversal flaw in Mitel MiCollab that could be exploited by an authenticated attacker with administrative privileges to read local files on the system due to insufficient input sanitization.
The third actively exploited vulnerability is CVE-2020-2883, a remote code execution flaw in Oracle WebLogic Server, which can be exploited by an unauthenticated attacker with network access via IIOP or T3 protocols.
Notably, CVE-2024-41713 and CVE-2024-55550 can be chained together, enabling a remote, unauthenticated attacker to read arbitrary files on the server.
Currently, details on the methods of exploitation, the attackers involved, and their targets remain unclear.