Zimbra Collaboration, an open-source software suite for collaboration, is used by over 5,000 companies and public sector users in more than 140 countries. In June 2023, Google TAG discovered a 0-day exploit targeting Zimbra Collaboration (CVE-2023-37580). Four distinct groups exploited this bug, stealing email data, user credentials, and authentication tokens. The vulnerability, titled Zimbra Collaboration (ZCS) Cross-Site Scripting (XSS) Vulnerability, has a base score of 6.1 and a medium severity level.

Zimbra released a hotfix on July 5, 2023, and provided an advisory on July 13, 2023. Most of the hacking activity occurred after the initial fix was made public on GitHub. Researchers identified three threat groups exploiting the vulnerability before the official patch, with a fourth campaign emerging after the fix.

The discovery of these campaigns underscores the urgency of applying mail server fixes. To stay protected, keep software up to date and apply security updates promptly. Regular XSS exploits highlight the importance of conducting rigorous mail server code audits.