Threat Advisory: New Vulnerability Affecting Exim Servers

June 13, 2019

A critical remote code execution vulnerability is actively being scanned for and exploited across the Internet. Known as "Return of the WIZard", the vulnerability (tracked under CVE-2019-10149) affects the Exim mail transfer relays (versions 4.87-4.91), which currently operate on more than half of all mail servers on the Internet. The vulnerability was exploited as early as June 9, 2019.

While the difficulty of exploitation varies depending on configuration, the National Vulnerability Database ranks the vulnerability as a 9.8/10 and organizations should apply the necessary patches immediately. Herjavec Group strongly recommends updating to the latest version of Exim (v. 4.92), released February 10, 2019, to prevent potential attacks that exploit the vulnerability. 

Herjavec Group Vulnerability Management clients can reference their latest reports for CVE-2019-10149. We are reviewing the most recent scan data and will escalate patches as required.

Herjavec Group is proactively ensuring that applicable signatures are up to date for our Managed Security Services Customers.  We are actively engaged for all technology product updates relating to CVE-2019-10149.

If your organization has been affected by the vulnerability, please contact us for Incident Response or compromise assessment support as needed.


About Herjavec Group

Dynamic entrepreneur Robert Herjavec founded Herjavec Group in 2003 to provide cybersecurity products and services to enterprise organizations. We have been recognized as one of the world’s most innovative cybersecurity operations leaders, and excel in complex, multi-technology environments. Our service expertise includes Advisory Services, Technology Architecture & Implementation, Identity Services, Managed Security Services, Threat Management and Incident Response. Herjavec Group has offices and Security Operations Centers across the United States, United Kingdom and Canada.

Stay Informed

Follow us on Twitter

Connect with us on LinkedIn