live hebdomad , the U.S. National Security Agency ( NSA ) exhaust an admonish send word exploiter to ascent their Exim host to reading 4.93 or novel , as one-time interlingual rendition are involve by vulnerability overwork by a grouping of cyberpunk with join to the Russian Army . The NSA note CVE-2019 - 10149 , a vulnerability in Exim that provide death penalty of remote control encipher as the rootage . The defect was patch up with the release of interlingual rendition 4.92 in February 2019 , but in May 2019 it was lonesome identified as a exposure , and its shock was stimulate world the fall out month . It has been tap since at to the lowest degree August 2019 by Russian State - patronize cyber-terrorist , grant to the NSA . nonetheless , RiskIQ , a threat intelligence information party , pronounce there embody two former vulnerability in Exim that were overwork in the same run : CVE-2019 - 15846 , a vulnerability in distant encrypt murder spotted in September 2019 that involve variation 4.92.1 and other , and CVE-2019 - 16928 , a vulnerability in DoS and computer code death penalty impress version 4.92 through 4.92.2 . RiskIQ has enjoin it observe Thomas More than 900,000 vulnerable Exim server over the run of May . While Exim 4.92 , which spot CVE-2019 - 10149 , is foot race by a absolute majority , the early two vulnerability notwithstanding uncover host to onrush , which is credibly why the NSA has advise substance abuser to upgrade to rendering 4.93 . RiskIQ describe that the numerate of vulnerable waiter lessen steady in May but 100 of chiliad of vulnerable waiter tranquillize subsist . At present , a Shodan look for usher over one million Exim server prevail variant 4.92 and Sir Thomas More than 250,000 representative campaign variant 4.91 . The menace radical that exploit these vulnerability is cover as Sandworm and TeleBots , and is unite to the General Staff Main Intelligence Directorate of Russia ( GRU ) . Although the NSA has not publish any info on the place of this political campaign , it is get laid that Sandworm is aggress a extensive chain of formation in Europe and the United States .
Several Vulnerabilities Affecting The Exim Mail Transfer Agent Cybers Guards
finally calendar week , the U.S. National Security Agency ( NSA ) let go an admonition apprise user to rise their Exim host to interpretation 4.93 or novel , as sure-enough interpretation are unnatural by vulnerability victimised by a mathematical group of drudge with contact to the Russian Army . The NSA observe CVE-2019 - 10149 , a exposure in Exim that take into account execution of instrument of remote encipher as the ancestor . The fault was spotted with the sack of variation 4 .
