This website stores cookies on your computer. These cookies are used to collect information about how you interact with our website and allow us to remember you. To find out more about the cookies we use, see our privacy policy

close

Contact sales

close

Contact sales

close

Contact sales

close

Contact sales

close

Contact sales

close

Contact sales

close

Contact sales

Scanning Result for

Don't close this window or your scan will stop. Large companies can take 10+ minutes, smaller companies can take a few seconds. Maximum of 5 scans per visitor. Please get in touch with us at sales@dynarisk.com or book a demo for more information.
Critical
High
Medium
Low
Risk Signals ?
Risk Signals (?)
Vulnerabilities (?)
Hacker Chatter (?)
Digital Footprint (?)
Leaked Data (?)
Want to experience the full power of Breach Check?
Book a Demo

Maximum scans hit

Start Trial

Exim Mail Servers: Zero-day Vulnerabilities

Our intelligence team has uncovered reports detailing six zero-day vulnerabilities within Exim mail servers. Zero-day vulnerabilities are security weaknesses in a program or network for which no patch or fix currently exists.

Among these vulnerabilities, CVE-2023-42115 is rated critical, with a CVSS score of 9.8 out of 10. These vulnerabilities are present in all versions of Exim mail transfer agents and could potentially allow hackers to execute remote code (RCE) on Internet-exposed servers.

The specific flaw exists within the SMTP service, which listens on TCP port 25 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of a buffer.

Alarming data from a Shodan search indicates that over 3.5 million servers are exposed to these vulnerabilities. The other five vulnerabilities are listed below:

  • CVE-2023-42116: Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability (CVSS v3.0 8.1)
  • CVE-2023-42117: Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability (CVSS v3.0 8.1)
  • CVE-2023-42118: Exim libspf2 Integer Underflow Remote Code Execution Vulnerability (CVSS v3.0 7.5)
  • CVE-2023-42119: Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability (CVSS v3.0 3.1)
  • CVE-2023-42114: Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability  (CVSS v3.0 3.7)

 

What actions should your clients take?

Until a patch is released, it's imperative for your clients to restrict and closely monitor system access. Employee training on identifying threats, along with implementing security measures like firewalls and antivirus software, is crucial.

However, as with all cyber threats, early detection is the best way to stay protected. Stay ahead with our cyber risk monitoring software, Breach Check, which enables you to scan any global business for cyber threats, including vulnerabilities and hacker chatter.

If you'd like our team to conduct a check to determine whether your clients or prospects are exposed due to this vulnerability, please contact us at sales@dynarisk.com.