The Cybersecurity and Infrastructure Security Agency has warned that threat actors have been actively exploiting a high-severity security flaw in Zimbra Collaboration, prompting the vulnerability's inclusion in the agency's Known Exploited Vulnerabilities Catalog, according to BleepingComputer.
Hackers could abuse the bug, tracked as CVE-2022-27924, to facilitate Memcache poisoning and email account credential exfiltration. While Zimbra already issued fixes to address the vulnerability in May, two months after it was disclosed by SonarSource researchers, some users of the platform remain unpatched and are at risk of email server compromise, spear-phishing attacks, business email compromise attacks, and social engineering campaigns.
More than 200,000 businesses and 1,000 critical entities and state organizations in the U.S. and other parts of the world leverage Zimbra Collaboration, noted Zimbra. All U.S. federal agencies have been mandated to address the Zimbra Collaboration vulnerability by Aug. 25, while immediate patching has been recommended for other organizations leveraging the software platform.
CyberScoop reports that federal civilian agencies have been ordered by the Cybersecurity and Infrastructure Security Agency to provide regular reports on software vulnerabilities as part of a new directive aimed at improving vulnerability detection and asset visibility in federal networks.
BleepingComputer reports that Microsoft's mitigations for the actively exploited Microsoft Exchange zero-day flaws, tracked as CVE-2022-41040 and CVE-2022-41082, have been deemed by cybersecurity experts to be significantly inadequate to curb attacks.