<ul><li>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added the Zimbra Collaboration vulnerability CVE-2024-45519 to its Known Exploited Vulnerabilities catalog.</li><li>Proofpoint researchers report threat actors attempting to exploit the Zimbra Collaboration vulnerability for remote code execution on vulnerable instances.</li><li>The vulnerability allows unauthenticated attackers to execute arbitrary commands on affected Zimbra installations.</li><li>CISA has ordered federal agencies to address and fix the vulnerability by October 24, 2024.</li></ul>

U.S. CISA adds Synacor Zimbra Collaboration flaw to its Known Exploited Vulnerabilities catalog

Discover more