CISA Adds Microsoft and Zimbra Vulnerabilities to Known Exploited Vulnerabilities Catalog
CybersecurityCISAMicrosoftZimbraVulnerabilitiesExploitationSecurityFlawsKEVCVSS
On Tuesday, February 2, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two security vulnerabilities to its catalog of known exploited vulnerabilities (KEV) due to evidence of active exploitation. The vulnerabilities affect Microsoft Partner Center and Synacor Zimbra Collaboration Suite (ZCS). The first vulnerability, CVE-2024-49035, has a CVSS score of 8.7 and is related to improper access control.