{"id":53932,"date":"2023-10-02T14:54:29","date_gmt":"2023-10-02T14:54:29","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/35077\/Critical-Vulnerabilities-In-Exim-Threaten-Over-250k-Email-Servers-Worldwide.html"},"modified":"2023-10-02T14:54:29","modified_gmt":"2023-10-02T14:54:29","slug":"critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\/","title":{"rendered":"Critical Vulnerabilities In Exim Threaten Over 250k Email Servers Worldwide"},"content":{"rendered":"<figure class=\"intro-image intro-left\"> <img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2023\/09\/code-vulnerability-security-800x534.jpg\" alt=\"Critical vulnerabilities in Exim threaten over 250k email servers worldwide\"><figcaption class=\"caption\">\n<div class=\"caption-credit\">Getty Images<\/div>\n<\/figcaption><\/figure>\n<aside id=\"social-left\" class=\"social-left\" aria-label=\"Read the comments or share this article\"> <a class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/security\/2023\/09\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\/?comments=1\"> <\/p>\n<h4 class=\"comment-count-before\">reader comments<\/h4>\n<p> <span class=\"comment-count-number\">92<\/span> <span class=\"visually-hidden\"> with <\/span> <\/a> <\/aside>\n<p> <!-- cache hit 5:single\/related:57a603b239a2a0e2c0a7054c26580488 --><!-- empty --><\/p>\n<p>Thousands of servers running the Exim mail transfer agent are vulnerable to potential attacks that exploit critical vulnerabilities, allowing remote execution of malicious code with little or no user interaction.<\/p>\n<p>The vulnerabilities were <a href=\"https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-23-1469\/\">reported on Wednesday<\/a> by Zero Day Initiative, but they largely escaped notice until Friday when they surfaced in a security mail list. Four of the six bugs allow for remote code execution and carry severity ratings of 7.5 to 9.8 out of a possible 10. Exim said it has made patches for three of the vulnerabilities available in a private repository. The status of patches for the remaining three vulnerabilities\u2014two of which allow for RCE\u2014are unknown. Exim is an open source mail transfer agent that is used by as many as <a href=\"https:\/\/www.securityspace.com\/s_survey\/data\/man.202302\/mxsurvey.html\">253,000 servers<\/a> on the Internet.<\/p>\n<h2>\u201cSloppy handling\u201d on both sides<\/h2>\n<p>ZDI provided no indication that Exim has published patches for any of the vulnerabilities, and at the time this post went live on Ars, the Exim website made no mention of any of the vulnerabilities or patches. On the <a href=\"https:\/\/seclists.org\/oss-sec\/\">OSS-Sec mail list<\/a> on Friday, an Exim project team member <a href=\"https:\/\/seclists.org\/oss-sec\/2023\/q3\/254\">said<\/a> that fixes for two of the most severe vulnerabilities and a third, less severe one are available in a \u201cprotected repository and are ready to be applied by the distribution maintainers.\u201d<\/p>\n<p>There were no more details about the fixes, precisely how admins obtain them, or if there are mitigations available for those who can\u2019t patch right away. Exim project team members didn\u2019t respond to an email asking for additional information.<\/p>\n<p>The most severe of the vulnerabilities, tracked as CVE-2023-42115, is among those that the Exim team member said have been patched. ZDI <a href=\"https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-23-1469\/\">described<\/a> it as an out-of-bounds flaw in an Exim component that handles authentication.<\/p>\n<p>\u201cThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim,\u201d Wednesday\u2019s advisory stated. \u201cAuthentication is not required to exploit this vulnerability.\u201d<\/p>\n<p>Another patched vulnerability, tracked as <a href=\"https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-23-1470\/\">CVE-2023-42116<\/a>, is a stack-based overflow in the Exim challenge component. Its severity rating is 8.1 and also allows for RCE.<\/p>\n<aside class=\"ad_wrapper\" aria-label=\"In Content advertisement\"> <span class=\"ad_notice\">Advertisement <\/span> <\/aside>\n<p>\u201cThe specific flaw exists within the handling of NTLM challenge requests,\u201d ZDI said. \u201cThe issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the service account.\u201d<\/p>\n<p>The third fixed vulnerability is tracked as <a href=\"https:\/\/www.zerodayinitiative.com\/advisories\/ZDI-23-1468\/\">CVE-2023-42114<\/a>, which allows for disclosure of sensitive information. It carries a rating of 3.7.<\/p>\n<p>Some critics have called out the Exim project for not transparently disclosing the vulnerabilities. Adding more fuel to the critiques, the ZDI disclosures provided a timeline that indicated company representatives notified Exim project members of the vulnerabilities in June 2022. A handful of back-and-forth interactions occurred over the intervening months until ZDI disclosed them Wednesday.<\/p>\n<p>In a <a href=\"https:\/\/seclists.org\/oss-sec\/2023\/q3\/254\">post on Friday<\/a> to the OSS-Sec mail list, Exim project team member Heiko Schlittermann said that after receiving the private ZDI report in June 2022, team members asked for additional details \u201cbut didn\u2019t get answers we were able to work with.\u201d The next contact didn\u2019t occur until May 2023. \u201cRight after this contact we created project bug tracker for 3 of the 6 issues,\u201d Schlittermann said. \u201cThe remaining issues are debatable or miss information we need to fix them.\u201d<\/p>\n<p>Some people participating in the discussion criticized both sides.<\/p>\n<p>\u201cThis looks like sloppy handling of these issues so far by both ZDI and Exim\u2014neither team pinging the other for 10 months, then Exim taking 4 months to fix even the 2 high-scored issues it did have sufficient info on,\u201d the distinguished security researcher known as Solar Designer <a href=\"https:\/\/seclists.org\/oss-sec\/2023\/q3\/257\">wrote<\/a>. \u201cWhat are you doing to improve the handling from this point on?\u201d<\/p>\n<p>The critic also asked Schlittermann when OS distributions will be permitted to make the Exim updates public since the fixes are currently in a protected repository. \u201cI suggest that you set a specific date\/time e.g. in 2 days from now when both the Exim project will make the repo and the fixed bug entries\u2026 public _and_ distros will release updates.\u201d<\/p>\n<p>No one from Exim responded to those questions or, as mentioned earlier, to questions Ars sent by email shortly afterward.<\/p>\n<p>With only a limited number of details becoming available so late on a Friday, patching and potential mitigations may not be as straightforward as some admins might hope. Despite any potential hardships, the vulnerabilities sound serious. In 2020, the National Security Agency reported that hackers in Sandworm, an elite threat actor backed by the Kremlin, had been <a href=\"https:\/\/arstechnica.com\/information-technology\/2020\/05\/russian-hackers-are-exploiting-bug-that-gives-control-of-us-servers\/\">exploiting a critical Exim vulnerability<\/a> to compromise networks belonging to the US government and its partners. Now that new Exim vulnerabilities have come to light, it wouldn\u2019t be surprising if threat actors hope to capitalize on them. READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/35077\/Critical-Vulnerabilities-In-Exim-Threaten-Over-250k-Email-Servers-Worldwide.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":53933,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[10727],"class_list":["post-53932","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackeremailflaw"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Critical Vulnerabilities In Exim Threaten Over 250k Email Servers Worldwide 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Critical Vulnerabilities In Exim Threaten Over 250k Email Servers Worldwide 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2023-10-02T14:54:29+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2023\/09\/code-vulnerability-security-800x534.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Critical Vulnerabilities In Exim Threaten Over 250k Email Servers Worldwide\",\"datePublished\":\"2023-10-02T14:54:29+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\\\/\"},\"wordCount\":810,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide.jpg\",\"keywords\":[\"headline,hacker,email,flaw\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\\\/\",\"name\":\"Critical Vulnerabilities In Exim Threaten Over 250k Email Servers Worldwide 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide.jpg\",\"datePublished\":\"2023-10-02T14:54:29+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2023\\\/10\\\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide.jpg\",\"width\":800,\"height\":534},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,email,flaw\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackeremailflaw\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Critical Vulnerabilities In Exim Threaten Over 250k Email Servers Worldwide\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Critical Vulnerabilities In Exim Threaten Over 250k Email Servers Worldwide 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\/","og_locale":"en_US","og_type":"article","og_title":"Critical Vulnerabilities In Exim Threaten Over 250k Email Servers Worldwide 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2023-10-02T14:54:29+00:00","og_image":[{"url":"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2023\/09\/code-vulnerability-security-800x534.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Critical Vulnerabilities In Exim Threaten Over 250k Email Servers Worldwide","datePublished":"2023-10-02T14:54:29+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\/"},"wordCount":810,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/10\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide.jpg","keywords":["headline,hacker,email,flaw"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\/","url":"https:\/\/www.threatshub.org\/blog\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\/","name":"Critical Vulnerabilities In Exim Threaten Over 250k Email Servers Worldwide 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/10\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide.jpg","datePublished":"2023-10-02T14:54:29+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/10\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2023\/10\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide.jpg","width":800,"height":534},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/critical-vulnerabilities-in-exim-threaten-over-250k-email-servers-worldwide\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,email,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackeremailflaw\/"},{"@type":"ListItem","position":3,"name":"Critical Vulnerabilities In Exim Threaten Over 250k Email Servers Worldwide"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/53932","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=53932"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/53932\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/53933"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=53932"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=53932"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=53932"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}