CISA said in a joint advisory with the Multi-State Information Sharing and Analysis Center and contributions by the FBI that organizations using unpatched instances of the Zimbra platform, which includes email, should assume they have been compromised.
CISA previously cautioned about Zimbra Collaboration Suite vulnerabilities in August.