News Own Your Online External Link Report it
News Own Your Online External Link
  1. Welcome to the National Cyber Security Centre
  2. Alerts
  3. New vulnerability (patch bypass) affecting Mitel MiCollab

New vulnerability (patch bypass) affecting Mitel MiCollab

This section contains time sensitive announcements about specific cyber threats, vulnerabilities and scams. Each alert has information you need to be aware of, and what actions to take to mitigate any risk to you or your organisation.

Subscribe to our updates to be notified as soon as we publish an alert.

2:00pm, 24 June 2025

TLP Rating: Clear

New vulnerability (patch bypass) affecting Mitel MiCollab

The NCSC has previously alerted on two Mitel MiCollab vulnerabilities, CVE-2024-41713 and CVE-2024-55550. The NCSC is re-drawing attention to this alert because of a new vulnerability (CVE identifier unknown) that bypasses the patch issued for CVE-2024-41713.

What's happening

Systems affected

Mitel MiCollab versions up to 9.8 SP2 (9.8.2.12) and earlier.

What this means

Organisations who utilise affected Mitel MiCollab versions could be vulnerable to the listed vulnerability.

What to look for

How to tell if you're at risk

If you are running a Mitel MiCollab instance within the listed versions.

What to do

Prevention

Update to the latest version of Mitel MiCollab.

More information

Vendor Advisory

Mitel Product Security Advisory MISA-2025-0007 | Mitel External Link

If you require more information or further support, submit a report on our website or contact us on 0800 114 115.

Report an incident

For media enquiries, email our media desk at media@ncsc.govt.nz.