CyberSecurityBoard
Sponsor Register Login

CISA Warns of Zimbra Collaboration Suite (ZCS) Vulnerability Exploited in Attacks

The vulnerability has been classified under CWE-918 (Server-Side Request Forgery) and CWE-807 (Reliance on Untrusted Inputs in a Security Decision), indicating the severity of the trust boundary violations involved. While the connection to ransomware campaigns remains unknown, the SSRF nature of the vulnerability makes it particularly attractive to attackers seeking to establish initial footholds in enterprise environments. This type of vulnerability is particularly dangerous in cloud environments where metadata services often contain sensitive authentication tokens and configuration data. The vulnerability, tracked as CVE-2019-9621, poses significant risks to organizations using the popular email and collaboration platform. CISA alerts on an SSRF flaw (CVE-2019-9621) in Zimbra ZCS, actively exploited by attackers.

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 08 Jul 2025 09:50:11 +0000


Cyber News related to CISA Warns of Zimbra Collaboration Suite (ZCS) Vulnerability Exploited in Attacks

CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. CISA adds Google Chrome zero-days to its Known Exploited Vulnerabilities catalog. CISA adds ...
1 year ago Securityaffairs.com
Critical Zimbra Postjournal flaw CVE-2024-45519 actively exploited in the wild. Patch it now! - “Beginning on September 28, @Proofpoint began observing attempts to exploit CVE-2024-45519, a remote code execution vulnerability in Zimbra mail servers. Beginning on September 28, @Proofpoint began observing attempts to exploit CVE-2024-45519, ...
9 months ago Securityaffairs.com CVE-2024-45519
Zimbra Collaboration Server GraphQL Vulnerability Exposes Sensitive User Data - The flaw resides in Zimbra’s webmail interface’s GraphQL endpoint (/service/extension/graphql), where improper CSRF token validation enables malicious actors to manipulate authenticated users into triggering unintended actions. Zimbra ...
2 months ago Cybersecuritynews.com
New MOVEit Transfer critical bug is actively exploited - MUST READ. New MOVEit Transfer critical bug is actively exploited. CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. PoC ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 CVE-2023-40044 CVE-2023-20109 Rocke
Critical Zimbra RCE flaw actively exploited to take over servers - Attackers can exploit the vulnerability by sending specially crafted emails with commands to execute in the CC field, which are then executed when the postjournal service processes the email. Hackers are actively exploiting a recently disclosed RCE ...
9 months ago Bleepingcomputer.com CVE-2024-45519
Critical Zimbra RCE flaw exploited to backdoor servers using emails - Attackers can exploit the vulnerability by sending specially crafted emails with commands to execute in the CC field, which are then executed when the postjournal service processes the email. Hackers are actively exploiting a recently disclosed RCE ...
9 months ago Bleepingcomputer.com CVE-2024-45519
CISA pledges to resolve issues with threat sharing system after watchdog report - On Friday, the Department of Homeland Security’s Office of the Inspector General published a report on Automated Indicator Sharing (AIS) — which was used to spread cyber threat intelligence and was mandated as part of a 2015 law. The nation’s ...
9 months ago Therecord.media
Google: Hackers exploited Zimbra zero-day in attacks on govt orgs - Google's Threat Analysis Group has discovered that threat actors exploited a zero-day vulnerability in Zimbra Collaboration email server to steal sensitive data from government systems in multiple countries. Hackers leveraged a medium-severity ...
1 year ago Bleepingcomputer.com CVE-2023-37580 CVE-2022-24682 CVE-2023-5631
Zimbra RCE Vuln Under Attack Needs Immediate Patching - "Some emails from the same sender used a series of CC'd addresses attempting to build a Web shell on a vulnerable Zimbra server," Proofpoint said. Attackers are actively targeting a severe remote code execution vulnerability that ...
9 months ago Darkreading.com CVE-2023-37580 CVE-2024-45519 Lazarus Group
Russia's Midnight Blizzard stole email of more Microsoft customers - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Microsoft fixed two zero-day bugs exploited in malware attacks. CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 Akira
Zimbra RCE Vulnerability (CVE-2024-45519) - Exploit POC Released - Zimbra, a popular email and collaboration platform, has issued a crucial security update to patch a severe vulnerability in its postjournal service. Attackers could exploit it to run arbitrary commands without authentication, which poses a ...
9 months ago Cybersecuritynews.com CVE-2024-45519
Securing Tomorrow: A Recap of CISA's Cyber Resilient 911 Symposium - CISA's Emergency Communications Division spearheaded the Cyber Resilient 911 Program's fourth regional symposium, which included CISA Regions 5 and 7. Among the attendees were state 911 administrators, representatives from 911 centers, IT/cyber ...
1 year ago Cisa.gov
CISA's OT Attack Response Team Understaffed: GAO - The US Government Accountability Office has conducted a study focusing on the operational technology cybersecurity products and services offered by CISA and found that some of the security agency's teams are understaffed. OT environments continue to ...
1 year ago Securityweek.com
Enabling Threat-Informed Cybersecurity: Evolving CISA's Approach to Cyber Threat Information Sharing - One of CISA's most important and enduring roles is providing timely and actionable cybersecurity information to our partners across the country. Nearly a decade ago, CISA stood up our Automated Indicator Sharing, or AIS, program to widely exchange ...
1 year ago Cisa.gov
High-severity flaw affects Cisco Firepower Management Center - CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Hackers ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2024-23897 CVE-2024-0204 CVE-2023-20198 CVE-2023-38831 Rocke
High-severity flaw affects Cisco Firepower Management Center - CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. CISA adds Cisco ASA and FTD and CrushFTP VFS flaws to its Known Exploited Vulnerabilities catalog. Critical Fortinet's FortiClient EMS flaw actively exploited in the wild. Hackers ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2024-23897 CVE-2024-0204 CVE-2023-20198 CVE-2023-38831 Rocke
Healthcare firm WebTPA data breach impacted 2.5M individuals - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. CISA adds GitLab flaw to its Known Exploited Vulnerabilities catalog. Nation-state actors exploited two zero-days in ASA and FTD firewalls to breach ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 APT29 BianLian
CISA Warns of Zimbra Collaboration Suite (ZCS) Vulnerability Exploited in Attacks - The vulnerability has been classified under CWE-918 (Server-Side Request Forgery) and CWE-807 (Reliance on Untrusted Inputs in a Security Decision), indicating the severity of the trust boundary violations involved. While the connection to ransomware ...
1 week ago Cybersecuritynews.com CVE-2019-9621
Monti gang claims the hack of the Wayne Memorial Hospital in Pennsylvania - CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. BianLian group exploits JetBrains ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 APT29 LockBit BianLian
Impact of Remote Work and Cloud Migrations on Security Perimeters - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. BianLian group exploits ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-22515 CVE-2023-40044 APT29 BianLian
newsletter Round 474 by Pierluigi Paganini - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. Critical Fortinet's ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-49103 CVE-2023-22515 APT28 APT29 BianLian
CISA warns agencies of fourth flaw used in Triangulation spyware attacks - The U.S. Cybersecurity and Infrastructure Security Agency has added to its to the Known Exploited Vulnerabilities catalog six vulnerabilities that impact products from Apple, Adobe, Apache, D-Link, and Joomla. The Known Exploited Vulnerabilities ...
1 year ago Bleepingcomputer.com CVE-2023-27524 CVE-2023-41990 CVE-2023-38203 CVE-2023-29300 CVE-2016-20017
A cyberattack shutdown the University Hospital Centre Zagreb in Croatia - CISA adds Apache Flink flaw to its Known Exploited Vulnerabilities catalog. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. Stanford University announced that 27,000 ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-38831 CVE-2023-22515 APT29 LockBit BianLian
Cybersecurity Performance Goals: Assessing How CPGs Help Organizations Reduce Cyber Risk - In October 2022, CISA released the Cybersecurity Performance Goals to help organizations of all sizes and at all levels of cyber maturity become confident in their cybersecurity posture and reduce business risk. Earlier this summer, CISA outlined ...
1 year ago Cisa.gov
newsletter Round 473 by Pierluigi Paganini - Microsoft Patch Tuesday security updates for May 2024 fixes 2 actively exploited zero-days. Microsoft fixed two zero-day bugs exploited in malware attacks. HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks. BianLian group exploits ...
1 year ago Securityaffairs.com CVE-2020-3259 CVE-2023-46747 CVE-2023-46748 CVE-2023-22515 APT29 Rocke BianLian

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)