Critical Vulnerability in Exim Mail Server (CVE-2019-10149)

Published on 10 Jun 2020

Updated on 10 Jun 2020

The developer of the Exim Mail Server has recently released patches to address a critical vulnerability (CVE-2019-10149).

There are reports of active exploitation of this vulnerability in the wild. All Exim Mail Servers, between and including versions 4.87 to 4.91, are affected. Successful exploitation could lead to a full compromise of the Exim Mail Server. An attacker can take control of an affected email server and perform malicious activity through the mail server.

Administrators managing Internet facing Exim Mail Server should update to the latest version 4.94 immediately.