In an alert issued by the NSA, companies and organizations were urged to update their Exim Mail Transfer Agent (MTA) servers to version 4.93 or newer. Earlier versions are reportedly impacted by a series of vulnerabilities that are currently exploited by a hacker group known as Sandworm with ties to the Russian military intelligence agency. While the NSA mentioned CVE-2019-10149, which was an Exim vulnerability that allowed remote code execution as root, RiskIQ also reports that CVE-2019-15846 (another RCE vulnerability in Exim) and CVE-2019-16928, which was a DOS and code execution vulnerability. RiskIQ reported that there are over 900,000 vulnerable Exim servers, with the majority running Exim 4.92.
Watch the Video
How does Binary Defense help protect your organization? With best in breed cybersecurity tactics, techniques, and services, we make sure that your environment is secure against the most advanced attacks.