CVE-2024-35315

A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an authenticated attacker to conduct a privilege escalation attack due to improper file validation. A successful exploit could allow an attacker to run arbitrary code with elevated privileges.

CVSS

No CVSS.

References

Link	Resource
https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0016	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:mitel:micollab::::::::
	cpe:2.3:a:mitel:mivoice_business_solution_virtual_instance:1.0.0.25:::::::*

History

07 Jul 2025, 17:54

Type	Values Removed	Values Added
First Time		Mitel Mitel micollab Mitel mivoice Business Solution Virtual Instance
References	~~() https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0016 -~~	() https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-24-0016 - Vendor Advisory
CPE		cpe:2.3:a:mitel:micollab:::::::: cpe:2.3:a:mitel:mivoice_business_solution_virtual_instance:1.0.0.25:::::::*

21 Oct 2024, 21:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-10-21 21:15

Updated : 2025-07-07 17:54

NVD link : CVE-2024-35315

Mitre link : CVE-2024-35315

JSON object : View

Products Affected

mitel

micollab
mivoice_business_solution_virtual_instance

CWE

No CWE.

JSON object

Attach tags to CVE-2024-35315

Attach tags to `CVE-2024-35315`