Unpatched Zimbra Platforms Are Probably Compromised, CISA Says

Share:

Attackers are targeting Zimbra systems in the public and private sectors, looking to exploit multiple vulnerabilities, CISA says.

Security teams running unpatched, Internet-connected Zimbra Collaboration Suites (ZCS) should just go ahead and assume compromise, and take immediate detection and response action.

That’s according to a new alert issued by the Cybersecurity and Infrastructure Security Agency, which flagged active Zimbra exploits for CVE-2022-24682, CVE-2022-27924, CVE-2022-27925, which are being chained with CVE-2022-37042, and CVE-2022-30333. The attacks lead to remote code execution and access to the Zimbra platform.

The result could be quite risky when it comes to shielding sensitive information and preventing email-based follow-on threats: ZCS is a suite of business communications services that includes an email server and a Web client for accessing messages via the cloud.

CISA, along with the Multi-State Information Sharing and Analysis Center (MS-ISAC), provided detection details and indicators of compromise (IoCs) to help security teams.

“Cyber-threat actors may be targeting unpatched ZCS instances in both government and private sector networks,” according to a Zimbra advisory.

CISA and the MS-ISAC strongly urged users and administrators to apply the guidance in the Recommendations section of this Cybersecurity Advisory to help secure their organization’s systems against malicious cyberactivity.

https://www.darkreading.com/threat-intelligence/unpatched-zimbra-platforms-probably-compromised-cisa-says

Leave a Comment

Your email address will not be published. Required fields are marked *

loader-image
Austria, AT
9:05 pm, Dec 27, 2024
weather icon 1°C
L: 1° H: 1°
few clouds
Humidity 81 %
Pressure 1035 mb
Wind 6 mph SSE
Wind Gust Wind Gust: 4 mph
UV Index UV Index: 0
Precipitation Precipitation: 0 mm
Clouds Clouds: 23%
Rain Chance Rain Chance: 0%
Visibility Visibility: 10 km
Sunrise Sunrise: 7:53 am
Sunset Sunset: 4:22 pm
DailyHourly
Daily ForecastHourly Forecast
Scroll to Top