CVE-2022-3569

HIGH

Zimbra Collaboration Suite <9.0.0 - Privilege Escalation


Exploitation Summary

EIP tracks one public exploit for CVE-2022-3569: a PoC published by EvergreenCartoons and Ron Bowes as the Metasploit module exploits/linux/local/zimbra_postfix_priv_esc.

AI-analyzed exploit summary: This Metasploit module exploits a vulnerable sudo configuration in Zimbra that allows the zimbra user to execute postfix as root, which can then execute arbitrary shell scripts to achieve privilege escalation.

Description

Due to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue in versions 9.0.0 and prior, where the 'zimbra' user can effectively coerce postfix into running arbitrary commands as 'root'.

Exploits (1)

Metasploit · Working PoC · Excellent
by EvergreenCartoons, Ron Bowes · Ruby PoC
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/zimbra_postfix_priv_esc.rb

Classification
Working PoC: 100%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: Zimbra Collaboration Suite (with vulnerable sudo configuration)
Auth required
Prerequisites: Access to a user account with sudo privileges to execute postfix as root · Zimbra installed with vulnerable sudo configuration
Analyzed by devstral-2, Feb 16, 2026

References (3)

Core references (Exploit, Issue Tracking, Patch, Third Party Advisory):
https://github.com/rapid7/metasploit-framework/pull/17141

Scores

CVSS v3 7.8
EPSS 0.0069
EPSS Percentile 48.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-271
Status published
Products (1)
synacor/zimbra_collaboration_suite < 9.0.0
Published Oct 17, 2022
Tracked Since Feb 18, 2026