Active! Mail RCE flaw exploited in attacks on Japanese orgs

Summary: A critical zero-day remote code execution vulnerability (CVE-2025-42599) in Active! Mail is being actively exploited in Japan, affecting numerous large organizations. The vulnerability, which has a CVSS score of 9.8, allows attackers to execute arbitrary code or trigger a denial-of-service condition. Users are urged to update to a patched version immediately to mitigate risks.

Affected: Active! Mail by Qualitia

Key points:

  • Active! Mail is a web-based email client with over 11,000,000 accounts, primarily used in Japanese enterprises.
  • The vulnerability affects all versions of Active! Mail up to ‘BuildInfo: 6.60.05008561’.
  • Qualitia recommends users update to version 6.60.06008562 to address the issue.
  • Japan’s CERT has confirmed active exploitation, leading service providers like Kagoya Japan and WADAX to temporarily suspend operations as a precaution.
  • At least 227 vulnerable Active! Mail servers are publicly exposed, including those at universities.
  • Mitigation steps include configuring Web Application Firewalls to inspect HTTP request bodies.

Source: https://www.bleepingcomputer.com/news/security/active-mail-rce-flaw-exploited-in-attacks-on-japanese-orgs/