Security News > 2024 > October > Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519)

Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519)
2024-10-02 11:05

Attackers are actively exploiting CVE-2024-45519, a critical Zimbra vulnerability that allows them to execute arbitrary commands on vulnerable installations. Proofpoint’s threat researchers say that the attacks started on September 28 – several weeks after Zimbra developers released patches for CVE-2024-45519 and other flaws, and a day after ProjectDiscovery’s analysts published a detailed technical write-up about the vulnerability and a PoC exploit to demonstrate the potential for local exploitation. Other researchers have published PoCs on GitHub … More → The post Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) appeared first on Help Net Security.


News URL

https://www.helpnetsecurity.com/2024/10/02/cve-2024-45519-exploited/

Related news

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2024-10-02 CVE-2024-45519 Unspecified vulnerability in Zimbra Collaboration
The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands.
network
low complexity
zimbra
critical
 9.8
9.8

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Zimbra 7 0 40 15 8 63