Amid ongoing exploitation, CISA identifies serious vulnerabilities in Oracle and Mitel systems.

Using evidence of active exploitation, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added three vulnerabilities affecting Oracle WebLogic Server and Mitel MiCollab to its list of known exploited vulnerabilities (KEVs) on Tuesday.

Here is a list of the vulnerabilities:

Mitel MiCollab has a path traversal vulnerability, CVE-2024-41713 (CVSS score: 9.1), that could give an attacker unauthenticated, unauthorized access.

A path traversal vulnerability in Mitel MiCollab, identified as CVE-2024-55550 (CVSS score: 4.4), could let an authorized attacker with administrator rights read local files on the system because of inadequate input sanitization.

Oracle WebLogic Server has a security flaw, CVE-2020-2883 (CVSS score: 9.8), that an unauthenticated attacker with network access via IIOP or T3 could exploit.

CVE-2024-41713 may be chained with CVE-2024-55550, which would allow an unauthenticated remote attacker to read any file on the server.

Details of the two Mitel vulnerabilities surfaced last month in a report from watchTowr Labs, which found them while attempting to reproduce another critical flaw in Mitel MiCollab (CVE-2024-35286, CVSS score: 9.8) that was fixed in May 2024.

In late April 2020, Oracle issued a warning on CVE-2020-2883, stating that it had received "reports of attempts to maliciously exploit several recently-patched vulnerabilities, including vulnerability CVE-2020-2883."

At present, nothing is known about who is exploiting these vulnerabilities, how they are being used in real-world attacks, or who is being targeted.