CVE-2025-25064

high-risk

Published 2025-02-03

SQL injection vulnerability in the ZimbraSync Service SOAP endpoint in Zimbra Collaboration 10.0.x before 10.0.12 and 10.1.x before 10.1.4 due to insufficient sanitization of a user-supplied parameter. Authenticated attackers can exploit this vulnerability by manipulating a specific parameter in the request, allowing them to inject arbitrary SQL queries that could retrieve email metadata.

Do I need to act?

47.7% chance of exploitation in next 30 days

EPSS score — higher than 52% of all CVEs

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 8.8/10 High

NETWORK / LOW complexity

Affected Products (1)

Zimbra Collaboration Suite

Affected Vendors

Synacor

References (3)

Release Notes https://wiki.zimbra.com/wiki/Zimbra_Releases/10.0.12#Security_Fixes

Release Notes https://wiki.zimbra.com/wiki/Zimbra_Releases/10.1.4#Security_Fixes

Vendor Advisory https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories

/ 100

high-risk

Severity 30/34 · Critical

Exploitability 17/34 · Moderate

Exposure 5/34 · Minimal