CISA Adds Known Exploited Vulnerabilities to Catalog - 20250227001¶
Overview¶
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalogue, citing evidence of active exploitation.
What is the vulnerability?¶
| CVE | Affected Product |
|---|---|
| CVE-2024-49035 | Microsoft Partner Center Improper Access Control Vulnerability Vulnerability |
| CVE-2023-34192 | Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) VulnerabilityVulnerability |
What has been observed?¶
CISA has listed this vulnerabilty in their Known Exploited Vulnerabilties catalog.
Recommendation¶
Due to the report of active exploitation, it is strongly recommended to patch this vulnerability within 2 weeks across all affected platforms as per vendor instructions.