#CVE-2024-45519

Critical Zimbra RCE flaw exploited to backdoor servers using emails

by

October 2, 2024 at 10:35AM Hackers are exploiting a Zimbra email server vulnerability (CVE-2024-45519) by sending specially crafted emails to the SMTP server, allowing them to execute commands. Malicious activity was detected by Proofpoint and a proof-of-concept exploit was released, urging users to update to secure versions or take preventive measures as listed. After reviewing … Read more

Researchers Sound Alarm on Active Attacks Exploiting Critical Zimbra Postjournal Flaw

by

October 2, 2024 at 02:31AM A critical security flaw, CVE-2024-45519, has been actively exploited in Synacor’s Zimbra Collaboration. The flaw allows unauthenticated attackers to execute arbitrary commands. The issue was addressed in Zimbra versions 8.8.15 Patch 46, 9.0.0 Patch 41, 10.0.9, and 10.1.1. Users are strongly advised to apply the latest patches for protection. Key … Read more