Exim Mail Server Vulnerability: A Critical Threat Affecting Millions

A critical vulnerability (CVE-2024-39929) in the Exim mail transfer agent could enable attackers to deliver malicious attachments to users’ inboxes. The flaw, rated 9.1 out of 10 on the CVSS scale, affects versions up to 4.97.1 and has been fixed in version 4.98.

Exim, a widely used mail transfer agent for Unix-like systems, mishandles multiline RFC 2231 header filenames, allowing remote attackers to bypass extension-blocking mechanisms. If users open these malicious files, their systems could be compromised.
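To show why an extension filter has to reassemble RFC 2231 continuation parameters before testing the filename, here is an added example (not Exim's code and not a reproduction of the Exim parsing bug). The blocklist, the function names, and the two sample MIME parts are constructed assumptions.

```python
import os
import re
from email import message_from_string

# Assumed local policy; adjust to the extensions your gateway rejects.
BLOCKED_EXTENSIONS = {".exe", ".scr", ".bat", ".js"}

# Constructed sample: one filename split across RFC 2231 continuations.
SAMPLE_SPLIT = (
    "Content-Type: application/octet-stream\n"
    "Content-Disposition: attachment;\n"
    ' filename*0="quarterly-rep";\n'
    ' filename*1="ort.exe"\n'
    "\n"
    "constructed body\n"
)
# Constructed sample: ordinary single-parameter filename.
SAMPLE_PLAIN = (
    "Content-Type: text/plain\n"
    'Content-Disposition: attachment; filename="notes.txt"\n'
    "\n"
    "constructed body\n"
)

# A filter that only understands the plain filename="..." form.
NAIVE_RE = re.compile(r'\bfilename="?([^";\r\n]+)"?', re.IGNORECASE)

def naive_filename(raw_part):
    headers = raw_part.split("\n\n", 1)[0]
    match = NAIVE_RE.search(headers)
    return match.group(1) if match else None

def reassembled_filename(raw_part):
    # The stdlib parser joins filename*0, filename*1, ... in order.
    return message_from_string(raw_part).get_filename()

def is_blocked(name):
    if not name:
        return False
    ext = os.path.splitext(name.strip().rstrip(". ").lower())[1]
    return ext in BLOCKED_EXTENSIONS

def check_part(raw_part):
    # Compare both views; "naive_missed" marks parts a plain-form filter lets through.
    naive, full = naive_filename(raw_part), reassembled_filename(raw_part)
    blocked = is_blocked(full)
    return {"naive": naive, "reassembled": full, "blocked": blocked,
            "naive_missed": blocked and not is_blocked(naive)}
```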

Exim is deployed on over 4.8 million public-facing SMTP servers, with 1.5 million potentially vulnerable instances. Most are located in the U.S., Russia, and Canada. Immediate patching is essential to mitigate risks. Detect these vulnerabilities with the help of a vulnerability management tool.

Censys, a security firm, noted the criticality of this issue. “The vulnerability allows remote attackers to bypass filename extension blocking protection measures and deliver executable attachments directly to end-users’ mailboxes,” they said. Users must act quickly to apply the patches.

This flaw adds to the ongoing security concerns around Exim. Almost a year ago, six vulnerabilities were discovered, which could lead to the exposure of sensitive information and remote code execution.

In summary, while there are no active exploitation reports, the potential threat requires urgent attention from users to apply updates and protect their systems.

Patch Them All with SanerNow

Struggling to combat and mitigate the rising number of risks in your network, like log4j, regreSSHion and other vulnerabilities? SanerNow comes to your rescue.

SanerNow is an attack surface management solution natively built and integrated to detect and remediate security risks. SanerNow’s patch management automatically deploys patches to all the critical risks detected. It supports all major OSs and 550+ third-party applications to help you reduce the attack surface.

SanerNow network scanner detects these vulnerabilities. Use SanerNow and keep your systems updated and secure.