New RCE vulnerability impacts nearly half of the internet’s email servers
Qualys researchers have discovered a critical security flaw that renders the majority of all email servers on the web vulnerable to remote command execution (RCE) attacks. The vulnerable service is Exim, a highly popular program that is being used by 57% of all email servers.
Remote command execution is not the same as remote code execution, but the risks are similar. Threat actors could scan the web for vulnerable devices and then take advantage of the flaw in order to take control of affected servers. The report mentions that remote exploitation is probably not a quick and easy job, and may require a hacker to “keep a connection to the vulnerable server open for 7 days (by transmitting one byte every few minutes).” However, the researchers warn that it might be possible for attackers to find faster ways of exploiting the vulnerability.