Cyber Security News

Exim SMTP Service Zero-Day Flaws Let Attackers Execute Remote Code

Six new zero-day vulnerabilities in the Exim Message Transfer Agent have been reported through the Zero Day Initiative. These vulnerabilities were discovered in June 2022 but were not disclosed until now, as Exim did not fix them.

Although all six vulnerabilities have now been published, only three of them have been fixed: one critical-severity (9.8), one high-severity (8.1), and one low-severity (3.7) vulnerability.


Fixed Vulnerabilities

The most severe of the six reported vulnerabilities is CVE-2023-42115, an out-of-bounds write in Exim AUTH that results in remote code execution. It has a severity of 9.8 (Critical), and Exim has fixed it.

The high-severity vulnerability fixed by Exim is CVE-2023-42116, a stack-based buffer overflow caused by improper validation in the handling of NTLM challenge requests, resulting in remote code execution. This vulnerability has a severity of 8.1 (High).

The low-severity vulnerability fixed by Exim is CVE-2023-42114, an out-of-bounds read leading to information disclosure. It has a severity of 3.7 (Low).

Not-Fixed Vulnerabilities

Three of the zero-days have not yet been fixed by Exim: two high-severity vulnerabilities and one low-severity vulnerability. The two high-severity vulnerabilities are CVE-2023-42117 (8.1) and CVE-2023-42118 (7.8); the low-severity vulnerability is CVE-2023-42119 (3.1).

CVE-2023-42117 is an Exim proxy vulnerability that exists due to the use of an untrusted proxy server, whereas CVE-2023-42118 is associated with the “SPF” condition used in an ACL. CVE-2023-42119 is another out-of-bounds read information disclosure vulnerability, this one in the Exim dnsdb.

CVE-2023-42115 was analyzed by researchers at watchTowr, and a proof-of-concept was published, providing detailed information about the severity, exploitation, and code review of the vulnerability.

Another report, published on SecLists, details the vulnerabilities and their fixes. Exim has also released a list of its fixes.
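To triage exposure, the following added example (not from the article or the Exim project) scans an Exim configuration for the features the six CVEs above are tied to and returns the CVEs worth reviewing. The configuration keywords in the patterns (`driver = external`, `driver = spa`, `hosts_proxy`, `spf =`, `dnsdb`) are assumptions taken from Exim's configuration language, and the sample configuration is constructed.

```python
import re

# Pattern over a config line -> CVEs the article ties to that feature.
# Keywords are assumptions from Exim's config language, not from the article.
CHECKS = {
    r"^\s*driver\s*=\s*external\b": ["CVE-2023-42115"],  # EXTERNAL authenticator
    r"^\s*driver\s*=\s*spa\b": ["CVE-2023-42114", "CVE-2023-42116"],  # SPA/NTLM
    r"^\s*hosts_proxy\s*=\s*\S": ["CVE-2023-42117"],     # proxy protocol enabled
    r"\bspf\s*=": ["CVE-2023-42118"],                    # spf condition in an ACL
    r"\bdnsdb\b": ["CVE-2023-42119"],                    # dnsdb lookup
}

def logical_lines(text):
    """Drop '#' comment lines and join lines continued with a trailing backslash."""
    buf = ""
    for raw in text.splitlines():
        if raw.lstrip().startswith("#"):
            continue
        line = raw.rstrip()
        if line.endswith("\\"):
            buf += line[:-1]
            continue
        yield buf + line
        buf = ""
    if buf:
        yield buf

def exposure(config_text):
    """Return the sorted CVE ids whose associated feature the config enables."""
    found = set()
    for line in logical_lines(config_text):
        for pattern, cves in CHECKS.items():
            if re.search(pattern, line):
                found.update(cves)
    return sorted(found)

# Constructed sample configuration, not taken from a real deployment.
SAMPLE = r"""
hosts_proxy = 192.0.2.0/24
begin acl
  deny  message = SPF check failed \
        spf = fail
begin authenticators
#   driver = external
ntlm_server:
  driver = spa
"""

if __name__ == "__main__":
    print(exposure(SAMPLE))
```

A hit means the feature is configured, not that the host is exploitable; for the three fixed CVEs, whether the installed Exim build includes the fixes still has to be checked separately.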


Eswar
