Cyber threat actors exploit Zimbra Collaboration Suite vulnerabilities

The Cybersecurity and Infrastructure Security Agency (CISA) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have published a joint security alert for multiple vulnerabilities against Zimbra Collaboration Suite (ZCS).

Zimbra is one of the world’s leading cloud-hosted collaboration software and open source email platform, powering hundreds of millions of mailboxes in 140 countries.

According the alert, cyber threat actors may be targeting the following five vulnerabilities on unpatched ZCS instances in both government and private sector networks:

  • CVE-2022-24682
  • CVE-2022-27924
  • CVE-2022-27925 (chained with CVE-2022-37042)
  • CVE-2022-30333.

CISA previously added CVE-2022-24682 and CVE-2022-27924 to its Known Exploited Vulnerabilities Catalog in February and early August of this year respectively. The additions were based on evidence that cyber criminals are actively exploiting the vulnerabilities.