Critical security vulnerability in zebNet products discovered

Published on: Sunday, February 20, 2022 6:30 AM

On February 18, 2022, a critical security vulnerability was discovered in various zebNet products.

Due to missing and/or insufficient encryption measures in the affected products, a man-in-the-middle attack (MITM) might be possible within the update process of the affected applications.

As a result of this vulnerability, an attacker could theoretically infiltrate the customer system and execute arbitrary code with administrator privileges by manipulating the update process of the affected product.

On February 19, 2022, within a response time of less than 24 hours, zebNet released bug fixed versions for all affected products that are currently under support. Customers that are using an affected product are urgently advised to immediately install the bug fixed version.

Among other things, the bug fixed versions contain increased encryption modules and new signature verification procedures that help to avoid similar security vulnerabilities.

Active exploitation of this security vulnerability is not known to zebNet, so this is purely a precautionary measure.

Bug fixed versions of the affected products are available for download at:

List of affected products:

  • MailShelf Basic
  • MailShelf Standard
  • MailShelf Pro
  • MailShelf Server
  • MailShelf Client
  • Backup for Chrome 5.0
  • Backup for Chrome 6.0
  • Backup for Firefox 5.0
  • Backup for Firefox 6.0
  • Backup for Internet Explorer 5.0
  • Backup for Internet Explorer 6.0
  • Backup for Opera Browser 5.0
  • Backup for Opera Browser 6.0
  • Backup for Pale Moon 6.0
  • Backup for SeaMonkey 5.0
  • Backup for SeaMonkey 6.0
  • Backup for IncrediMail 5.0
  • Backup for IncrediMail 6.0
  • Backup for Live Mail 5.0
  • Backup for Live Mail 6.0
  • Backup for Outlook 5.0
  • Backup for Outlook 6.0
  • Backup for Postbox 5.0
  • Backup for Postbox 6.0
  • Backup for Thunderbird 5.0
  • Backup for Thunderbird 6.0
  • Backup for eM Client 5.0
  • Backup for eM Client 6.0
  • Backup for Mailbird 5.0
  • Backup for Mailbird 6.0
  • Backup for The Bat 5.0
  • Backup for The Bat 6.0
  • Backup for Vivaldi 5.0
  • Backup for Vivaldi 6.0
  • Backup for Waterfox 6.0
  • Any product of the generation 2011
  • Any product of the generation 2012
  • Any product of the generation TNG (v4.0)

Follow us

Connect WhatsApp Telegram Newsletter RSS Feed

Developer and publisher of powerful, and easy-to-use software

Since 2008 we create best-selling software products. Not just because we love what we do, but because software is just part of our DNA.

Copyright © 2024 zebNet Ltd. All rights reserved. zebNet® is a registered trademark of zebNet Ltd.