Curiously, Exim was first notified about this vulnerability in June 2022, and a follow-up notification was sent in May 2023. Unfortunately, these alerts did not yield the anticipated response from Exim in the form of a patch. Consequently, Trend Micro’s Zero Day Initiative has taken the unusual step of publicly disclosing the flaw, accompanied by a detailed account of their correspondence with Exim over the course of several months.
According to BleepingComputer, MTA servers like Exim have long been a favored target for hackers due to their remote accessibility, serving as a potential gateway to infiltrate wider corporate networks. Exim, notably labeled as the “world’s most popular MTA software,” is installed on a staggering 56% of internet-connected mail servers, translating to approximately 342,000 servers. Its widespread usage is partly attributable to its inclusion in popular Linux distributions like Debian and Red Hat.
