Weird Zimbra Vulnerability
Hackers can execute commands on a remote computer by sending https://arstechnica.com/security/2024/10/attackers-exploit-critical-vulnerability-recently-patched-in-zimbra-servers/
to a Zimbra mail server. It’s critical, but difficult to exploit.
In an email sent Wednesday afternoon, Proofpoint researcher Greg Lesnewich seemed to largely concur that the attacks weren’t likely to lead to mass infections that could install ransomware or espionage malware. The researcher provided the following details:
While the exploitation attempts we have observed were indiscriminate in targeting, we haven’t seen a large volume of exploitation attempts
Based on what we have researched and observed, exploitation of this vulnerability is very easy, but we do not have any information about how reliable the exploitation is
...
https://www.schneier.com/blog/archives/2024/10/weird-zimbra-vulnerability.html
Schneier on Security (RSS Feed) /
npub1pq…l0mzp
2024-10-03 11:04:20
Author Public Key
npub1pq90j4vh97m4qtpmrzl6gzfhwc6pvxsmuzcvrrhnl2xqpp7xjy4q2l0mzpPublished at
2024-10-03 11:04:20Event JSON
{
"id": "7d45b11eeead82c059141d6cdd2ff1c0aedc0336905e34f96812f978522151ad",
"pubkey": "080af955972fb7502c3b18bfa409377634161a1be0b0c18ef3fa8c0087c6912a",
"created_at": 1727953460,
"kind": 1,
"tags": [
[
"t",
"Uncategorized"
],
[
"t",
"backdoors"
],
[
"t",
"hacking"
],
[
"t",
"ransomware"
],
[
"proxy",
"https://www.schneier.com/feed/atom/#https%3A%2F%2Fwww.schneier.com%2Fblog%2Farchives%2F2024%2F10%2Fweird-zimbra-vulnerability.html",
"rss"
]
],
"content": "Weird Zimbra Vulnerability\n\nHackers can execute commands on a remote computer by sending https://arstechnica.com/security/2024/10/attackers-exploit-critical-vulnerability-recently-patched-in-zimbra-servers/\n to a Zimbra mail server. It’s critical, but difficult to exploit.\nIn an email sent Wednesday afternoon, Proofpoint researcher Greg Lesnewich seemed to largely concur that the attacks weren’t likely to lead to mass infections that could install ransomware or espionage malware. The researcher provided the following details:\n\nWhile the exploitation attempts we have observed were indiscriminate in targeting, we haven’t seen a large volume of exploitation attempts\nBased on what we have researched and observed, exploitation of this vulnerability is very easy, but we do not have any information about how reliable the exploitation is\n...\n\nhttps://www.schneier.com/blog/archives/2024/10/weird-zimbra-vulnerability.html",
"sig": "c35d11888231562ff5a30d52f9d70021996550eacc32d8984db1deac53134c2b7941c4564a21fa19c0f267a1251eeb7e39164e96b52f953dd645c991ccba979b"
}