CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite

08/22/2022 10:59 AM EDT

Original release date: August 22, 2022

CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have updated joint Cybersecurity Advisory AA22-228A: Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite, originally released August 16, 2022. The advisory has been updated to include additional detection signatures.

CISA encourages organizations to review the latest update to AA22-228A and apply the recommended mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.

Threat Actors Exploiting Multiple Vulnerabilities Against Zimbra Collaboration Suite

08/16/2022 11:10 AM EDT

Original release date: August 16, 2022

CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have released a joint Cybersecurity Advisory (CSA) in response to active exploitation of multiple vulnerabilities against Zimbra Collaboration Suite (ZCS), an enterprise cloud-hosted collaboration software and email platform. 

CISA and MS-ISAC encourage users and administrators review Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite for more information and apply the recommended mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.