CRITICAL🇵🇱 Wersja polska

CVE-2023-42115

CVSS 9.8v3.0pub. 2024-05-03upd. 2025-08-07

Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the smtp service, which listens on TCP port 25 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of a buffer. An attacker can leverage this vulnerability to execute code in the context of the service account. . Was ZDI-CAN-17434.

🤖 AI Analysis
How it works

The vulnerability is located in the SMTP service listening by default on TCP port 25, in the authentication (AUTH) handling mechanism. The vulnerability results from lack of proper validation of data supplied by the user, leading to an out-of-bounds write (CWE-787). An attacker can send a specially crafted SMTP packet, causing memory overwrite outside the buffer boundaries and taking control over the process execution flow.

Impact

An attacker can execute arbitrary code in the context of the Exim service account, which in practice may mean complete takeover of the mail server. Possible consequences include breach of confidentiality, integrity, and system availability.

Mitigation & patch

Apply patches available from the vendor according to the references. As a temporary workaround, consider restricting access to TCP port 25 only to trusted IP addresses using a firewall and monitoring anomalous SMTP connections.

Who is affected

Exim — versions indicated in the vendor references (vulnerability identified as ZDI-CAN-17434 / ZDI-23-1469)

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Exim

    APP
    Exim
    < 4.96.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2019-16928CRITICAL9.8⚠ KEVten sam produkt

Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is...

CVE-2019-10149CRITICAL9.8⚠ KEVten sam produkt

A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient address in delive...

CVE-2018-6789CRITICAL9.8⚠ KEVten sam produkt

An issue was discovered in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handc...

CVE-2010-4344CRITICAL9.8⚠ KEVten sam produkt

Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attack...

CVE-2026-45185CRITICAL9.8PL ✓ten sam produkt

Exim: use-after-free w parsowaniu BDAT — zdalne wykonanie kodu