Bottom line: Mitel MiCollab contains multiple critical vulnerabilities that enable unauthenticated code execution and data theft.
Multiple vulnerabilities have been identified in Mitel MiCollab that allow a remote attacker without authentication to execute arbitrary code and disclose confidential data.
The vulnerabilities in Mitel MiCollab allow multiple attack scenarios: A remote attacker can execute arbitrary code, bypass security measures, perform SQL injection attacks, manipulate data, or disclose confidential information. The attacks require no prior authentication.
Mitel MiCollab is a unified communications and collaboration platform used in many enterprise environments for telephony, videoconferencing, and messaging. A successful exploit could potentially compromise internal communication systems and endanger their confidentiality and integrity.
Affected organizations should immediately apply available security updates from Mitel and check their MiCollab instances for signs of compromise. The vulnerabilities are already known and can be exploited by attackers.
Source: wid.cert-bund.de · Published 18 June 2026
Lumi AI News — AI-assisted curation pursuant to Article 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.7.1.