Unknown Attackers exploit several vulnerabilities in Zimbra Collaboration Suite

Threat Advisories

Unknown Attackers exploit several vulnerabilities in Zimbra Collaboration Suite

Threat Level
Attack Report

For a detailed advisory, download the pdf file here

Summary

The Zimbra Collaboration Suite (ZCS) email servers experienced multiple breaches between July and early August 2022. The exploitation of CVE-2022-27925, a remote-code-execution (RCE) vulnerability in ZCS, was most likely the cause of these incidents.