Security experts have identified several vulnerabilities in Mitel’s MiCollab communication platform that could enable attackers to perform SQL injection and elevate privileges. The weaknesses affect MiCollab versions 10.2.x prior to 10.2 SP1 (10.2.1.11), all 10.x releases lacking the latest security patch, and 9.8.x releases up to 9.8.SP3 FP1 without the most recent fix. Mitel issued advisory MISA‑2026‑0002 on 8 April 2026, detailing the flaws and recommending that users apply the vendor’s patches. The French CERT has issued a notice (CERT‑FR‑2026‑AVI‑0411) to alert users and organizations to update promptly. No incidents of exploitation have been reported publicly as of the notice date.
Summary of content from
Made by AI. If you spot anything of concern write us at contact@cybach.com. We’ll promptly correct irregularities.