The Cyber Security Agency of Singapore (CSA) has issued a high-priority alert for a critical vulnerability, CVE-2025-52691, affecting SmarterMail versions Build 9406 and earlier, which could allow remote code execution via arbitrary file uploads. Organizations are urged to update to version Build 9413 or later immediately to mitigate the risk of exploitation and maintain security posture. #CVE-2025-52691 #SmarterTools #SmarterMail #remoteCodeExecution
Keypoints
- The vulnerability CVE-2025-52691 affects SmarterMail versions Build 9406 and earlier.
- It allows unauthenticated attackers to upload arbitrary files to server directories, potentially leading to remote code execution.
- Security patches have been released, with the fix implemented in SmarterMail Build 9413 on October 9, 2025.
- Organizations are advised to upgrade to the latest version, Build 9483, for enhanced security.
- There is no evidence of active exploitation in the wild, but timely patching is crucial to prevent potential attacks.
Read More: https://thecyberexpress.com/csa-alert-cve-2025-52691/