InfoSecBulletin Cybersecurity for mankind
Censys has warned that more than 1.5 million Exim mail transfer agent (MTA) instances are vulnerable to a critical security issue. This vulnerability allows threat actors to bypass security filters.
Exim developers fixed a security flaw, tracked as CVE-2024-39929, impacting versions up to 4.97.1.
GitHub Desktop Vuln Credential Leaks via Malicious Remote URLs
Burp Suite 2025.1 released: Featuring Intruder Capabilities & Bug Fixes
UnitedHealth confirms 190 million impacted by 2024 data breach
Registration Open For BCS CTF 2025
New Ransomware Tactics Target VMware ESXi Via SSH Tunneling
Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass
CISA Releases 6 ICS Advisories Detailing Security Issues
Account Credentials for Security Vendors Found on Dark Web: Cyble Report
Four Critical Ivanti CSA Vulnerabilities Exploited: CISA , FBI warns
GitLab Releases Patch (CVE-2025-0314) for XSS Exploit
The vulnerability is caused by not parsing multiline RFC2231 header filenames correctly, allowing remote attackers to send harmful executable attachments to end users’ mailboxes by bypassing the protection mechanism.
“If a user were to download or run one of these malicious files, the system could be compromised,” Censys warned, adding that “a PoC is available, but no active exploitation is known yet.”
“As of July 10, 2024, Censys observes 1,567,109 publicly exposed Exim servers running a potentially vulnerable version (4.97.1 or earlier), concentrated mostly in the United States, Russia, and Canada,” the company added.
59% of the 409,255 mail servers on the Internet were running Exim, which is more than 241,000 instances.
According to Shodan, there are over 3.3 million Exim servers exposed online, most in the United States, followed by Russia and the Netherlands. Censys found 6,540,044 public mail servers online, with roughly 74% of them running Exim.
