A critical remote code execution (RCE) vulnerability (CVE-2024-45519) in Zimbra’s postjournal service is under active attack. This vulnerability allows unauthenticated remote command execution through specially crafted emails.
Key Points:
Critical Vulnerability: CVE-2024-45519 in Zimbra’s postjournal service enables RCE and is currently being exploited.
Proof of Concept (PoC): The vulnerability can be exploited via specially crafted emails.
Service Status: The postjournal SMTP parsing service is not enabled by default, but over 90,000 web-facing Zimbra instances with unpatched vulnerabilities have been detected.
Urgent Action Required: Zimbra users are strongly urged to patch the postjournal vulnerability immediately to prevent potential exploits and ensure system security.
