Critical Zimbra Vulnerabilities Let Attackers Unauthorized Access to Internal Resources
\n \t
\n
<\/BR>
\n
\n \t
\n
<\/BR><\/p>\n
Zimbra Collaboration, a popular open-source email and collaboration software, was recently discovered to include critical vulnerabilities that pose serious risks to its users.\u00a0<\/p>\n
These vulnerabilities, identified as CVE-2025-25064 and CVE-2025-25065, allow attackers to exploit the system for unauthorized access to sensitive data and internal network resources.\u00a0<\/p>\n
Zimbra has issued patches to address these flaws, and users are strongly urged to update their systems immediately.<\/p>\n
A critical SQL injection vulnerability<\/a>, identified as CVE-2025-25064, has been discovered in Zimbra Collaboration.\u00a0\u00a0<\/p>\n This flaw affects versions 10.0.x prior to 10.0.12 and 10.1.x prior to 10.1.4.\u00a0 The vulnerability stems from inadequate sanitization of user-provided input within the ZimbraSync Service SOAP endpoint.\u00a0\u00a0<\/p>\n Successful exploitation by authenticated attackers could allow the injection of arbitrary SQL queries, potentially leading to the exposure of sensitive email metadata and other confidential information.\u00a0\u00a0<\/p>\n Users are strongly advised to immediately mitigate this risk by updating their Zimbra Collaboration installations to version 10.0.12 or 10.1.4, as appropriate.<\/p>\n A Server-Side Request Forgery (SSRF) vulnerability<\/a>, tracked as CVE-2025-25065, has been identified in Zimbra Collaboration.\u00a0\u00a0<\/p>\n This flaw impacts versions 9.0.0 prior to Patch 43, 10.0.x before 10.0.12, and 10.1.x before 10.1.4.\u00a0\u00a0<\/p>\n The vulnerability resides within the RSS feed parser, enabling attackers to potentially redirect requests to internal network endpoints without proper authorization.\u00a0\u00a0<\/p>\n The recommended mitigation is to apply the latest available patches for the affected Zimbra versions.<\/p>\n Zimbra has been a frequent target for cybercriminals due to its extensive deployment across businesses and organizations worldwide. For instance:<\/p>\n In late 2024, CVE-2024-45519, a remote code execution (RCE) vulnerability in the postjournal service, was exploited in the wild shortly after its proof-of-concept (PoC)<\/a> was released.<\/p>\n Another notable flaw, CVE-2023-37580, involved cross-site scripting (XSS) attacks on the Zimbra Classic Web Client, compromising user confidentiality and integrity.<\/p>\n Zimbra has released multiple patches addressing these vulnerabilities:<\/p>\n Patch for CVE-2025-25064 and CVE-2025-25065: Strengthens input sanitization and mitigates exploitation risks.<\/p>\n Updates for older vulnerabilities like CVE-2019-9641 (heap-based buffer overflow in PHP <7.3.10) and XXE CWE-611 (CVE-2013-7217) have also been integrated into recent releases.<\/p>\n Administrators are encouraged to use commands like yum update or apt update to apply these patches promptly.<\/p>\n This underscores the importance of maintaining up-to-date software in mitigating cybersecurity risks. Organizations relying on Zimbra Collaboration should act swiftly to patch their systems and safeguard sensitive data against potential exploitation.<\/p>\n PCI DSS 4.0 & Supply Chain Attack Prevention \u2013\u00a0Free Webinar<\/a><\/strong><\/p>\n The post Critical Zimbra Vulnerabilities Let Attackers Unauthorized Access to Internal Resources<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\nCVE-2025-25065 \u2013 Server-Side Request Forgery \u2013 SSRF) Vulnerability<\/strong><\/h3>\n
Historical Context of Zimbra Vulnerabilities<\/strong><\/h2>\n
Technical Fixes in Recent Patches<\/strong><\/h2>\n
Recommendations for Users<\/strong><\/h2>\n
\n