Oct. 2, 2023, 7:43 a.m. |

Center for Internet Security - Multi-State Information Sharing and Analysis Center www.cisecurity.org

A vulnerability has been discovered in EXIM which could allow for arbitrary code execution. Exim is a mail transfer agent (MTA) for hosts that are running Unix or Unix-like operating systems. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the service account. An unauthenticated attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

account agent arbitrary code code code execution context exim exploitation mail mta operating systems running service systems transfer unix vulnerability

More from www.cisecurity.org / Center for Internet Security - Multi-State Information Sharing and Analysis Center

Humbly Confident Security Lead

@ YNAB | Remote

Information Technology Specialist II: Information Security Engineer

@ WBCP, Inc. | Pasadena, CA.

Director of the Air Force Cyber Technical Center of Excellence (CyTCoE)

@ Air Force Institute of Technology | Dayton, OH, USA

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

Cybersecurity Subject Matter Expert

@ QinetiQ US | Washington, DC, United States

Program Cybersecurity Manage (F/M/X)

@ Alstom | Villeurbanne, FR