The Cybersecurity and Infrastructure Security Agency has warned that threat actors have been actively exploiting a high-severity security flaw in Zimbra Collaboration
, prompting the vulnerability's inclusion in the agency's Known Exploited Vulnerabilities Catalog, according to BleepingComputer
Hackers could abuse the bug, tracked as CVE-2022-27924, to facilitate Memcache poisoning and email account credential exfiltration. While Zimbra has already issued fixes to address the vulnerability in May, or two months after it was disclosed by SonarSource researchers, some users of the platform continue to be vulnerable and are at risk of email server compromise, spear-phishing attacks, business email compromise attacks, and social engineering campaigns.
More than 200,000 businesses and 1,000 critical entities and state organizations in the U.S. and other parts of the world leverage Zimbra Collaboration, noted Zimbra. All U.S. federal agencies have been mandated to address the Zimbra Collaboration vulnerability by Aug. 25, while immediate patching has been recommended for other organizations leveraging the software platform.