Main Vulnerability Database Exploits ID:9951 - Exploit for Permissions, Privileges, and Access Controls in MiCollab and MiVoice Business Solution Virtual Instance (MiVB SVI) - CVE-2024-35315

ID:9951 - Exploit for Permissions, Privileges, and Access Controls in MiCollab and MiVoice Business Solution Virtual Instance (MiVB SVI) - CVE-2024-35315

Published: June 7, 2024

Vulnerability identifier: #VU90709

Vulnerability risk: Low

CVE-ID: CVE-2024-35315

CWE-ID: CWE-264

Exploitation vector: Local access

Vulnerable software:
MiCollab
MiVoice Business Solution Virtual Instance (MiVB SVI)

Link to public exploit:

https://github.com/ewilded/CVE-2024-35315-POC

Vulnerability description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to improper file validation, which leads to security restrictions bypass and privilege escalation.

Remediation

Install updates from vendor's website.

ID:9951 - Exploit for Permissions, Privileges, and Access Controls in MiCollab and MiVoice Business Solution Virtual Instance (MiVB SVI) - CVE-2024-35315

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human