CISA Updates Advisory on Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite

Original release date: November 10, 2022

CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC) have updated joint Cybersecurity Advisory AA22-228A: Threat Actors Exploiting Multiple CVEs Against Zimbra Collaboration Suite, originally released August 16, 2022. The advisory has been updated to include an additional Malware Analysis Report containing new indicators of compromise.

CISA encourages organizations to review the latest update to AA22-228A and apply the recommended mitigations.

This product is provided subject to this Notification and this Privacy & Use policy.