What is it?
Zimbra is an email server/client suite that integrates web and email clients and calendars. A vulnerability has been found in which a specially crafted email carrying server commands in the CC: field can get those commands executed on the server.
The Bleeping Computer article “Critical Zimbra RCE flaw exploited to backdoor servers using emails,” linked below, provides details about how the vulnerability can be exploited.
Why is it a risk?
An attacker can send an email that remotely triggers unauthorized execution of arbitrary code on the server.
This is considered a CRITICAL problem of VERY HIGH risk.
How can you mitigate the risk?
According to Zimbra’s security bulletin (link below), CVE-2024-45519 has been resolved in version 9.0.0 Patch 41 or later, versions 10.0.9 and 10.1.1, and Zimbra 8.8.15 Patch 46 or later.
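As an added check, not taken from the page or from Zimbra itself: a short Python script that parses the version string a server reports (assumed to be either a bare version such as "9.0.0 Patch 41" or the "Release 8.8.15.GA... Patch 8.8.15_P46." form printed by `zmcontrol -v`) and compares it against the fixed builds listed above. Later builds within the 10.0 and 10.1 lines are assumed to keep the fix.

```python
import re
from typing import Tuple

# Fixed releases named in Zimbra's bulletin for CVE-2024-45519, keyed by
# release line (major, minor) -> (minimum micro, minimum patch number).
# A minimum patch of 0 means the base release itself carries the fix.
FIXED_RELEASES = {
    (8, 8): (15, 46),   # 8.8.15 Patch 46 or later
    (9, 0): (0, 41),    # 9.0.0 Patch 41 or later
    (10, 0): (9, 0),    # 10.0.9 (later 10.0.x assumed to keep the fix)
    (10, 1): (1, 0),    # 10.1.1 (later 10.1.x assumed to keep the fix)
}

BASE_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)")
# zmcontrol writes patches as "_P46"; the bulletin writes "Patch 46". The
# lookahead stops "Patch 8.8.15_P46" from being read as patch 8.
PATCH_RES = (re.compile(r"_P(\d+)"), re.compile(r"Patch\s+(\d+)(?![.\d])"))


def parse_version(text: str) -> Tuple[Tuple[int, int, int], int]:
    """Return ((major, minor, micro), patch) from an assumed version string."""
    m = BASE_RE.search(text)
    if not m:
        raise ValueError(f"no version number found in: {text!r}")
    base = tuple(int(x) for x in m.groups())
    patch = 0  # no patch marker: treat as the unpatched base release
    for rx in PATCH_RES:
        pm = rx.search(text)
        if pm:
            patch = int(pm.group(1))
            break
    return base, patch


def is_patched(text: str) -> bool:
    """True only if the version is at or beyond a build the bulletin lists as fixed."""
    (major, minor, micro), patch = parse_version(text)
    fixed = FIXED_RELEASES.get((major, minor))
    if fixed is None:
        # Release line with no fixed build listed (e.g. 8.7.x): treat as vulnerable.
        return False
    return (micro, patch) >= fixed


if __name__ == "__main__":
    import sys
    # Constructed sample input when no argument is given.
    for arg in sys.argv[1:] or ["8.8.15_P45"]:
        print(arg, "->", "fixed" if is_patched(arg) else "NOT fixed, update")
```

Feed it the output of `zmcontrol -v` from each mailbox and MTA node; anything reported as not fixed should be scheduled for the update.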
Resources:
Bleeping Computer – Critical Zimbra RCE flaw exploited to backdoor servers using emails
Zimbra Security Bulletin