Security News > 2024 > October > Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519)
Attackers are actively exploiting CVE-2024-45519, a critical Zimbra vulnerability that allows them to execute arbitrary commands on vulnerable installations. Proofpoint’s threat researchers say that the attacks started on September 28 – several weeks after Zimbra developers released patches for CVE-2024-45519 and other flaws, and a day after ProjectDiscovery’s analysts published a detailed technical write-up about the vulnerability and a PoC exploit to demonstrate the potential for local exploitation. Other researchers have published PoCs on GitHub … More → The post Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/10/02/cve-2024-45519-exploited/
Related news
- Apache OFBiz team patches critical RCE vulnerability (CVE-2024-45195) (source)
- Critical RCE bug in SolarWinds Web Help Desk fixed (CVE-2024-28986) (source)
- Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633) (source)
- APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262) (source)
- SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (source)
- CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns (source)
- PoC for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987) (source)
- Critical Zimbra RCE flaw exploited to backdoor servers using emails (source)
- Cisco warns of critical RCE zero-days in end of life IP phones (source)
- Critical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218) (source)