
Based on past attacks, it wouldn’t be surprising to see active targeting this time too.

[-] autotldr@lemmings.world 1 points 1 month ago

This is the best summary I could come up with:


More than 1.5 million email servers are vulnerable to attacks that can deliver executable attachments to user accounts, security researchers said.

Tracked as CVE-2024-39929 and carrying a severity rating of 9.1 out of 10, the vulnerability makes it trivial for threat actors to bypass protections that normally prevent the sending of attachments that install apps or execute code.

“I can confirm this bug,” Exim project team member Heiko Schlittermann wrote on a bug-tracking site.

More than 1.5 million of the Exim servers, or roughly 31 percent, are running a vulnerable version of the open-source mail app.

Threat actors can exploit it to bypass extension blocking and deliver executable attachments in emails sent to end users.

Given the requirement that end users must click on an attached executable for the attack to work, this Exim vulnerability isn’t as serious as the one that was exploited starting in 2019.


The original article contains 294 words, the summary contains 147 words. Saved 50%. I'm a bot and I'm open source!

this post was submitted on 12 Jul 2024

Pulse of Truth
