Multiple critical vulnerabilities expose email servers that use the Exim agent; update immediately

A recent report from security firm Qualys details multiple security vulnerabilities in the popular mail transfer agent Exim, which is used on the most important email servers. According to the experts, a total of 21 vulnerabilities were found, of which 10 can be exploited remotely by unauthenticated threat actors.

The report also mentions that many of the remotely exploitable flaws could be chained with known privilege escalation vulnerabilities to lead to remote code execution scenarios.

The flaws appear to date back to the start of Exim’s Git history in 2004, which means that all supported versions of the software need to be updated. The flaws are tracked as CVE-2020-28007 to CVE-2020-28026, in addition to CVE-2021-27216.

Experts suggest that three of these flaws pose the risk of remote code execution, an attack that does not require victim action to succeed and could give hackers complete control of the compromised system. The reported vulnerabilities also include integer overflow flaws, header injections, and use-after-free errors.

Qualys presented detailed descriptions of each vulnerability in its most recent blog post, as well as posting a video demonstrating some possible risk scenarios and a statement to the general public: “There is no need to chain vulnerabilities to achieve remote code execution (RCE). What needs to be chained together is an RCE scenario that provides non-privileged access to the server and an escalation of local privileges that turns non-privileged access into a privileged process, in other words, to provide root access to hackers.”

Exim implementations are very popular in their category and handle a large volume of Internet traffic, so they can be attractive targets for cybercriminal groups. Bharat Jogi, Qualys researcher, said: “This set of flaws is critical, as its exploitation would allow threat actors to obtain root user privileges and deploy subsequent attacks on email servers, so it should be a priority for users of this solution to apply some of the recommended security measures immediately.”
