
CVE-2022-36453: n/a in n/a

Severity: High
Type: Vulnerability
Published: Tue Oct 25 2022 (10/25/2022, 00:00:00 UTC)
Source: CVE
Vendor/Project: n/a
Product: n/a

Description

A vulnerability in the MiCollab Client API of Mitel MiCollab 9.1.3 through 9.5.0.101 could allow an authenticated attacker to modify their profile parameters due to improper authorization controls. A successful exploit could allow the authenticated attacker to control another extension number.

AI-Powered Analysis

AI analysis last updated: 07/05/2025, 09:10:12 UTC

Technical Analysis

CVE-2022-36453 is a high-severity vulnerability affecting the MiCollab Client API in Mitel MiCollab versions 9.1.3 through 9.5.0.101. This vulnerability arises from improper authorization controls within the API, allowing an authenticated attacker to modify profile parameters that should be restricted. Specifically, the flaw enables an attacker who has valid credentials to manipulate their own profile data in a way that grants control over another extension number within the telephony system. The vulnerability is classified under CWE-285 (Improper Authorization), indicating that the system fails to properly enforce access control policies. The CVSS v3.1 base score is 8.8, reflecting high impact across confidentiality, integrity, and availability, with an attack vector over the network, low attack complexity, and no user interaction required. Exploitation requires authentication but no additional user interaction, and the scope remains unchanged, meaning the attacker’s privileges are escalated within the same security boundary. Although no known exploits are currently reported in the wild, the potential for misuse is significant due to the ability to hijack or impersonate other extensions, which could lead to unauthorized call interception, fraudulent call routing, or disruption of telephony services. The lack of published patches at the time of this report increases the urgency for mitigation and monitoring.

Potential Impact

For European organizations, the impact of this vulnerability can be substantial, especially for enterprises and public sector entities relying on Mitel MiCollab for unified communications and telephony. Unauthorized control over extension numbers can lead to interception of sensitive communications, eavesdropping, and fraudulent use of telephony resources, potentially exposing confidential business conversations and personal data. This could result in breaches of GDPR regulations due to unauthorized data access or disclosure. Additionally, attackers could disrupt business operations by rerouting or blocking calls, impacting availability of critical communication channels. The integrity of communication systems is also at risk, as attackers could impersonate legitimate users to conduct social engineering or spear-phishing attacks. Given the widespread use of Mitel solutions in European corporate and governmental environments, this vulnerability poses a risk to operational continuity, data privacy compliance, and organizational reputation.

Mitigation Recommendations

Organizations should immediately verify their Mitel MiCollab versions and prioritize upgrading to versions beyond 9.5.0.101 once patches are released by Mitel. Until patches are available, implement strict network segmentation to isolate MiCollab servers and restrict access to trusted users only. Enforce strong authentication mechanisms, such as multi-factor authentication (MFA), to reduce the risk of credential compromise. Monitor telephony logs for unusual profile modification attempts or extension control changes. Employ anomaly detection systems to flag suspicious activities related to extension usage. Review and tighten role-based access controls within MiCollab to limit profile modification privileges strictly to authorized administrators. Conduct regular audits of extension assignments and user profiles to detect unauthorized changes promptly. Additionally, educate users about the risks of credential sharing and phishing attempts that could lead to authenticated access by attackers.
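To make the advisory's two technical points concrete, the block below is an added example (generic illustration code, not Mitel's MiCollab code, and not taken from this page): a profile-update handler written in the CWE-285 pattern described above (authenticated, but with no authorization decision per field), its hardened form, and a small check over constructed audit lines of the kind the mitigation section says to monitor. The user directory, field names, audit-line format and all values are constructed for the example.

```python
import json
from dataclasses import dataclass


@dataclass
class User:
    username: str
    extension: str          # the extension this account legitimately controls
    display_name: str = ""
    is_admin: bool = False


def make_directory() -> dict:
    """Constructed sample directory (hypothetical users and extensions)."""
    return {
        "alice": User("alice", "2001", "Alice"),
        "bob":   User("bob",   "2002", "Bob"),
        "admin": User("admin", "2000", "Admin", is_admin=True),
    }


def update_profile_vulnerable(users: dict, actor: str, params: dict) -> dict:
    """CWE-285 pattern: the caller is authenticated, but every submitted field is
    written to the profile with no authorization decision, so an ordinary user
    can point their own profile at an extension that belongs to someone else."""
    user = users[actor]
    for field_name, value in params.items():
        setattr(user, field_name, value)
    return {"username": user.username, "extension": user.extension}


SELF_EDITABLE = {"display_name"}   # fields a user may change on their own profile


def update_profile(users: dict, actor: str, params: dict) -> dict:
    """Hardened form: an explicit decision per field. Ordinary users may only
    touch SELF_EDITABLE fields; an extension may be reassigned only by an admin,
    and only when no other account already owns it."""
    user = users[actor]
    for field_name, value in params.items():
        if field_name == "extension":
            taken = any(u.extension == value and u.username != actor
                        for u in users.values())
            if not user.is_admin or taken:
                raise PermissionError(f"{actor} may not set extension {value}")
            user.extension = value
        elif field_name in SELF_EDITABLE:
            setattr(user, field_name, value)
        else:
            raise PermissionError(f"field {field_name!r} is not user-editable")
    return {"username": user.username, "extension": user.extension}


def attempt(users: dict, actor: str, params: dict) -> bool:
    """Convenience wrapper: True if the hardened handler allowed the update."""
    try:
        update_profile(users, actor, params)
        return True
    except PermissionError:
        return False


# Constructed audit lines (JSON, one event per line). The format is hypothetical,
# not MiCollab's; it stands in for whatever profile-change log the platform emits.
SAMPLE_AUDIT_LOG = [
    '{"ts":"2022-10-25T10:00:01Z","event":"profile_update","actor":"alice","field":"display_name","old":"Alice","new":"Alice W."}',
    '{"ts":"2022-10-25T10:00:07Z","event":"profile_update","actor":"bob","field":"extension","old":"2002","new":"2001"}',
    '{"ts":"2022-10-25T10:01:15Z","event":"profile_update","actor":"admin","field":"extension","old":"2000","new":"2009"}',
    '{"ts":"2022-10-25T10:02:30Z","event":"login","actor":"bob"}',
]


def find_extension_takeovers(log_lines: list, users: dict) -> list:
    """Flag profile updates in which a non-admin changed 'extension' at all, or
    any actor set it to a value another account owns in the directory snapshot."""
    owners = {u.extension: u.username for u in users.values()}
    hits = []
    for line in log_lines:
        ev = json.loads(line)
        if ev.get("event") != "profile_update" or ev.get("field") != "extension":
            continue
        actor = ev["actor"]
        owner = owners.get(ev["new"])
        non_admin = actor not in users or not users[actor].is_admin
        if non_admin or (owner is not None and owner != actor):
            hits.append({"ts": ev["ts"], "actor": actor,
                         "new": ev["new"], "owned_by": owner})
    return hits


if __name__ == "__main__":
    d = make_directory()
    print(update_profile_vulnerable(d, "bob", {"extension": "2001"}))  # bob now claims alice's extension
    d = make_directory()
    print(attempt(d, "bob", {"extension": "2001"}), d["bob"].extension)  # False, still 2002
    print(find_extension_takeovers(SAMPLE_AUDIT_LOG, make_directory()))
```

The detector deliberately keys on the directory snapshot taken before the suspicious change, because after a successful takeover the live directory would already show the attacker as the owner; the same reasoning applies to the audit recommendation above, which is only useful if extension assignments are compared against a known-good baseline.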


Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2022-07-25T00:00:00.000Z
CISA Enriched: true
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 682d9819c4522896dcbd8c6b

Added to database: 5/21/2025, 9:08:41 AM

Last enriched: 7/5/2025, 9:10:12 AM

Last updated: 7/31/2025, 3:01:07 AM
