CVE-2024-35315

MEDIUM

Mitel Micollab < 9.7.1.110 - Code Injection

Title source: rule
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-35315. PoCs published by ewilded.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2024-35315, targeting a race condition in the Mitel Collab installer to achieve local privilege escalation (LPE). The exploit leverages directory change notifications and hardlink manipulation to deploy a malicious DLL during the installation process.

Description

A vulnerability in the Desktop Client of Mitel MiCollab through 9.7.1.110, and MiVoice Business Solution Virtual Instance (MiVB SVI) 1.0.0.25, could allow an authenticated attacker to conduct a privilege escalation attack due to improper file validation. A successful exploit could allow an attacker to run arbitrary code with elevated privileges.

Exploits (1)

nomisec WORKING POC 1 stars
by ewilded · poc
https://github.com/ewilded/CVE-2024-35315-POC

This repository contains a functional exploit for CVE-2024-35315, targeting a race condition in the Mitel Collab installer to achieve local privilege escalation (LPE). The exploit leverages directory change notifications and hardlink manipulation to deploy a malicious DLL during the installation process.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Racy
Target: Mitel Collab installer
No auth needed
Prerequisites: Access to the target system · Mitel Collab installer MSI file · Ability to execute the exploit binary
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v3 5.6
EPSS 0.0077
EPSS Percentile 51.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-94
Status published
Products (2)
mitel/micollab < 9.7.1.110
mitel/mivoice_business_solution_virtual_instance 1.0.0.25
Published Oct 21, 2024
Tracked Since Feb 18, 2026