Summary: A critical security vulnerability (CVE-2025-42599) has been discovered in Active! mail by QUALITIA CO., LTD., posing severe risks to affected systems. The flaw allows remote attackers to execute arbitrary code or cause denial-of-service conditions without authentication, leading to potential data breaches and service disruptions. Organizations are urged to promptly update to the patched version to mitigate risks.
Affected: Active! mail 6 BuildInfo: 6.60.05008561 and earlier
Keypoints :
- Vulnerability tracked as CVE-2025-42599 with a CVSS score of 9.8 indicates critical severity.
- The flaw involves a stack-based buffer overflow allowing remote attackers to execute malicious code.
- QUALITIA CO., LTD. has released a patched version (6 BuildInfo: 6.60.06008562) to address the vulnerability.
- Organizations should prioritize immediate updates, conduct security audits, and enhance network monitoring.