2:00pm, 24 June 2025
TLP Rating:
New vulnerability (patch bypass) affecting Mitel MiCollab
The NCSC has previously alerted on two Mitel MiCollab vulnerabilities, CVE-2024-41713 and CVE-2024-55550. The NCSC is re-drawing attention to this alert because of a new vulnerability (CVE identifier unknown) that bypasses the patch issued for CVE-2024-41713.
What's happening
Systems affected
Mitel MiCollab versions up to 9.8 SP2 (9.8.2.12) and earlier
What this means
Organisations who utilise affected Mitel MiCollab versions could be vulnerable to the listed vulnerability.
What to look for
How to tell if you're at risk
If you are running a Mitel MiCollab instance within the listed versions.
What to do
Prevention
Update to the latest version of Mitel MiCollab.
More information
Vendor Advisory
Mitel Product Security Advisory MISA-2025-0007 | Mitel External Link
If you require more information or further support, submit a report on our website or contact us on 0800 CERTNZ.
Report an incident to CERT NZ
For media enquiries, email our media desk at media@ncsc.govt.nz.
How helpful was this page?
This site is protected by reCAPTCHA and the Google Privacy Policy External Link and Terms of Service External Link apply.