Zimbra, a maker of messaging and collaboration software, has hurriedly released patches to address a code execution vulnerability that has already been used to install malware on target computers.
The patches were released more than a week after Rapid7’s malware researchers discovered indications that the Zimbra Collaboration (ZCS) suite was being targeted by zero-day exploits. The flaw, identified as CVE-2022-41352, enables remote code execution and lets an attacker install a shell in the web root.
The bug, which has a CVSS severity rating of 9.8/10, could give an attacker the opportunity to access the cio package in an erroneous manner for any other user accounts. Zimbra fixed numerous cross-site scripting (XSS) vulnerabilities that put webmail users at risk of data breach attacks.