Hackers exploit the vulnerability in Zimbra For Password Stealing
For months there have been reports of vulnerabilities in Zimbra’s email platform. Now it has become known that one of these vulnerabilities is being actively exploited to steal passwords undetected. That reports that Bleeping Computer Online Magazine.
Hackers are therefore already on the hunt for vulnerable entities that have not yet installed the security updates that are already available and thus are unprotected against data theft.
Security update available
The vulnerability in Zimbra in question, CVE-2022-27824, was discovered in March by SonarSource security researchers. In May, the software manufacturer then released two security patches (ZCS 9.0.0 Patch 24.1 and ZCS 8.8.15 Patch 31.1) in response. The vulnerability is classified as very dangerous. It allows an unauthenticated attacker to steal plain text email account information from Zimbra Collaboration instances without any user interaction. The vulnerability allows hackers to trick the software into forwarding all IMAP traffic when a legitimate user tries to log in.
According to the software vendor, Zimbra Collaboration is used by more than 200,000 companies and 1,000 government agencies and organizations in some 140 countries. In the US, the Agency for Cybersecurity and Infrastructure Security (CISA) now officially warned about the vulnerability. As a result, all federal authorities in the US are required to import the available security updates by August 25, 2022.
As CISA’s latest warning shows, the security updates that have been available for nearly three months have so far been underused. Hackers are now trying to find vulnerable instances, attack them and steal data.
Research Snipers is currently covering all technology news including Google, Apple, Android, Xiaomi, Huawei, Samsung News, and More. Research Snipers has decade of experience in breaking technology news, covering latest trends in tech news, and recent developments.
