Synacor, a privately owned US company founded in 1998, develops and provides cloud-based software and services. Employing approximately 210 people, the company's clientele consists primarily of global providers in the video, content, entertainment, internet, and communications sectors, along with device manufacturers, government entities, and other enterprises. Its technological offerings encompass email and collaboration platforms, and cloud-based identity management systems.
The Cybersecurity and Infrastructure Security Agency (CISA) added vulnerabilities affecting Synacor Zimbra Collaboration Suite (ZCS) to its Known Exploited Vulnerabilities (KEV) catalog on multiple occasions. On an unspecified date in November 2024, Microsoft initially reported active exploitation of a vulnerability. On February 26, 2025, CISA updated the KEV catalog to include the ZCS flaw, tracked as CVE-2023-34192, which allows cross-site scripting (XSS) by a remote authenticated attacker. CISA also added this vulnerability, along with a Microsoft Partner Center vulnerability (CVE-2024-49035), to the KEV catalog on an unspecified date in February 2025. The agency cited evidence of active exploitation for both vulnerabilities. CISA's actions followed reports of the vulnerabilities' exploitation.
Synacor's customers primarily consist of broadcast television and radio companies. Examples of Synacor's customers include Altitude Sports & Entertainment and ABS-CBN.
Subscribe for full access to Synacor's products in full detail 
