Security News > 2024 > October > Researchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal Flaw
2024-10-02 05:56
Cybersecurity researchers are warning about active exploitation attempts targeting a newly disclosed security flaw in Synacor's Zimbra Collaboration. Enterprise security firm Proofpoint said it began observing the activity starting September 28, 2024. The attacks seek to exploit CVE-2024-45519, a severe security flaw in Zimbra's postjournal service that could enable unauthenticated attackers to
News URL
https://thehackernews.com/2024/10/researchers-sound-alarm-on-active.html
Related news
- Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks (source)
- Critical Zimbra RCE vulnerability under mass exploitation (CVE-2024-45519) (source)
- Critical Zimbra RCE flaw exploited to backdoor servers using emails (source)
- Critical Ivanti RCE flaw with public exploit now used in attacks (source)
- Week in review: Critical Zimbra RCE vulnerability exploited, Patch Tuesday forecast (source)
- CISA says critical Fortinet RCE flaw now exploited in attacks (source)
- Crypto-apocalypse soon? Chinese researchers find a potential quantum attack on classical encryption (source)
- Fortinet warns of new critical FortiManager flaw used in zero-day attacks (source)
- FortiManager critical vulnerability under active attack (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-02 | CVE-2024-45519 | Unspecified vulnerability in Zimbra Collaboration The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0 Patch 41, 10 before 10.0.9, and 10.1 before 10.1.1 sometimes allows unauthenticated users to execute commands. | 9.8 |