Connect with us

Tech

Thousands of Zimbra servers attacked following email account compromise

Published

on

TJirAeNdL3RwDzNaPiWTc8 1200 80

A critical vulnerability has been found in open source collaboration suite Zimbra which allows crooks to run remote code execution on vulnerable servers and deploy malware.

The vulnerability is tracked as CVE-2024-45519, and is only exploitable when default settings are changed, and the postjournal service is enabled. That, luckily, reduces the attack surface significantly, but not entirely. As multiple security researchers confirmed, when this service is enabled, if a threat actor sends a specially-crafted email, the platform will attempt to download and run a file on the server.


Continue Reading
Advertisement

Trending