Synacor, a privately owned US company founded in 1998, develops and provides cloud-based software and services. Employing approximately 210 people, the company's clientele consists primarily of global providers in the video, content, entertainment, internet, and communications sectors, along with device manufacturers, government entities, and other enterprises. Its technological offerings encompass email and collaboration platforms, and cloud-based identity management systems.
Synacor's Zimbra Collaboration Suite (ZCS) contains a critical vulnerability (CVE-2019-9621), classified under CWE-918 and CWE-807, that allows unauthorized requests to internal or external resources, potentially exposing sensitive data and compromising network security. This vulnerability is being actively exploited. The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent warning about this vulnerability on an unspecified date and added it to its Known Exploited Vulnerabilities (KEV) Catalog. CISA also added CVE-2019-9621 to its KEV catalog on an unspecified date, noting it as a Server-Side Request Forgery (SSRF) vulnerability. Multiple vulnerabilities were detected in ZCS on an unspecified date, according to a CISA advisory. Finally, CISA updated its KEV catalog to include a critical zero-day flaw impacting ZCS on an unspecified date in November.
Synacor's customers primarily consist of broadcast television and radio companies. Examples of Synacor's customers include Altitude Sports & Entertainment and ABS-CBN.
Subscribe for full access to Synacor's products in full detail 
