CVE-2024-45519

💻 Affected Systems

📦 What is this software?

⚠️ Risk & Real-World Impact

🎯 Exploit Status

CVSS 10.0 indicates trivial exploitation with maximum impact. While no public PoC exists, the nature of the vulnerability suggests weaponization is likely.

🔍 How to Verify

Check Zimbra version: su - zimbra -c 'zmcontrol -v' and compare against affected versions.

su - zimbra -c 'zmcontrol -v'

Verify version is patched: su - zimbra -c 'zmcontrol -v' should show 8.8.15 P46, 9.0.0 P41, 10.0.9, or 10.1.1 or later.

📡 Detection & Monitoring

source="zimbra.log" AND "postjournal" AND ("exec" OR "command" OR "system")

🔗 References

• https://wiki.zimbra.com/wiki/Security_Center Release Notes
• https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.9#Security_Fixes Release Notes
• https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.1#Security_Fixes Release Notes
• https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P46#Security_Fixes Release Notes
• https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P41#Security_Fixes Release Notes
• https://wiki.zimbra.com/wiki/Zimbra_Responsible_Disclosure_Policy Not Applicable
• https://blog.projectdiscovery.io/zimbra-remote-code-execution/ Exploit
• https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-45519 US Government Resource