Multiple Vulnerabilities in Exim Mail Server
Summary
Security advisory discloses six zero-day vulnerabilities, including a critical severity vulnerability that could allow remote code execution
Affected platforms
The following platforms are known to be affected:
Threat details
Introduction
Six zero-day vulnerabilities have been disclosed in Exim Mail Server, including four that could allow remote code execution. One of these vulnerabilities has been designated CVE-2023-42115 and rated critical severity, with a CVSSv3 score of 9.8. This vulnerability could allow a remote, unauthenticated attacker to execute arbitrary code on an affected system.
Remediation advice
Affected organisations are encouraged to review Exim's security bulletin and apply the relevant updates.
Definitive source of threat updates
CVE Vulnerabilities
Last edited: 2 October 2023 3:14 pm