
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning, adding two critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. This move underscores the urgency for organizations to immediately patch their systems to mitigate the risk of active exploitation.
The newly flagged vulnerabilities, CVE-2023-34192 and CVE-2024-49035, target widely used platforms, posing significant threats to both public and private sector entities.
First on the list is CVE-2023-34192, a high-severity Cross-Site Scripting (XSS) vulnerability affecting Zimbra Collaboration Suite (ZCS) version 8.8.15. With a CVSS score of 9.0, this flaw allows remote, authenticated attackers to inject malicious scripts via the /h/autoSaveDraft function. This can lead to arbitrary code execution, potentially granting attackers full control over compromised systems.
The active exploitation of this XSS vulnerability in Zimbra ZCS 8.8.15 is a serious concern. Organizations running this version must apply Patch 40 immediately to secure their environments; delaying the patch leaves them exposed to data breaches and system compromise.
The second critical vulnerability, CVE-2024-49035, is a privilege escalation flaw within partner.microsoft.com, carrying a CVSS score of 8.7. This vulnerability allows unauthenticated attackers to elevate their privileges over a network by exploiting improper access control.
Microsoft disclosed this vulnerability in November of last year, crediting researchers Gautam Peri, Apoorv Wadhwa, and an anonymous contributor for its discovery. However, the tech giant has remained tight-lipped regarding the specifics of its real-world exploitation.
Microsoft is rolling out automatic fixes for the online version of Power Apps. Organizations relying on the Microsoft Partner Portal should verify their systems are updated and implement robust security measures to protect against potential attacks.
CISA has mandated that Federal Civilian Executive Branch (FCEB) agencies apply the necessary patches for both vulnerabilities by March 18, 2025.