CVE-2025-42599

Published Apr 18, 2025

Last updated 9 days ago

Exploit knownCVSS critical 9.8
Active! mail
Qualitia

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-42599 is a stack-based buffer overflow vulnerability found in Active! mail 6 BuildInfo version 6.60.05008561 and earlier. This vulnerability can be exploited by a remote, unauthenticated attacker sending a specially crafted request. Successful exploitation could lead to arbitrary code execution or a denial-of-service (DoS) condition.

Description
Active! mail 6 BuildInfo: 6.60.05008561 and earlier contains a stack-based buffer overflow vulnerability. Receiving a specially crafted request created and sent by a remote unauthenticated attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition.
Source
vultures@jpcert.or.jp
NVD status
Analyzed

Risk scores

CVSS 3.1

Type
Primary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

CVSS 3.0

Type
Secondary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Known exploits

Data from CISA

Vulnerability name
Qualitia Active! Mail Stack-Based Buffer Overflow Vulnerability
Exploit added on
Apr 28, 2025
Exploit action due
May 19, 2025
Required action
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Weaknesses

vultures@jpcert.or.jp
CWE-121

Social media

Hype score
Not currently trending
  1. Active! mail の脆弱性 CVE-2025-42599 が FIX:任意のコード実行やサービス拒否の可能性 https://t.co/qlLxnyopig 本ブログでは初登場の Active! mail ですが、公式 Web サイトによると、これまでに累計

    @iototsecnews

    6 May 2025

    131 Impressions

    2 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Qualitia Sécurité, La CISA confirme l’exploitation active de la Vulnérabilité CVE-2025-42599 dans Active! Mail. Alerte CISA publiée le 28 avril 2025 dans son catalogue KEV. https://t.co/KYIzxWadv3

    @NicolasCoolman

    5 May 2025

    75 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Actively exploited CVE : CVE-2025-42599

    @transilienceai

    3 May 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  4. CISAのKEVにQualitia Active! Mail 脆弱性(CVE-2025-42599)CVSS9.8 Critical が登録されました。 スタックベースのバッファオーバーフローにより、遠隔・未認証の攻撃者が「任意コード実行」や「DoS攻撃」を起こせるリスク

    @t_nihonmatsu

    29 Apr 2025

    358 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Actively exploited CVE : CVE-2025-42599

    @transilienceai

    29 Apr 2025

    22 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  6. JPCERTから先日注意喚起が出されていたActive! Mail の脆弱性(CVE-2025-42599)がCISAの悪用が確認されている脆弱性カタログにも追加されましたね。 https://t.co/beFrNTiPdL

    @ntsuji

    29 Apr 2025

    7571 Impressions

    9 Retweets

    36 Likes

    4 Bookmarks

    1 Reply

    1 Quote

  7. Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-42599 #Qualitia Active! Mail Stack-Based Buffer Overflow Vulnerability https://t.co/V2woxlf8ZE

    @ScyScan

    28 Apr 2025

    69 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. Active mail の脆弱性 / CVE-2025-42599 がKEVに登録されました Active! mail 6 BuildInfo: https://t.co/KHPMbAGQB2

    @shojiueda

    28 Apr 2025

    206 Impressions

    0 Retweets

    4 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. 🛡️ We added Brocade Fabric OS, Commvault Web Server & Qualitia Active! mail vulnerabilities CVE-2025-1976, CVE-2025-3928 & CVE-2025-42599 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from c

    @CISACyber

    28 Apr 2025

    7101 Impressions

    35 Retweets

    56 Likes

    8 Bookmarks

    2 Replies

    1 Quote

  10. Actively exploited CVE : CVE-2025-42599

    @transilienceai

    28 Apr 2025

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  11. CVE-2025-42599の影響だけど、身近で起こっている感じなので、職場で利用しているパスワードを個人用で使い回してたら超危険です。まずは速攻で変更しましょう!二要素認証も忘れずに!

    @hisao8000

    25 Apr 2025

    33 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  12. 情報処理安全確保支援士の問2のEPSS値って信用足りるのかな?と思って 『Active! mailの脆弱性 (CVE-2025-42599)』 を見てみた https://t.co/gx9BtQNtby 30日以内に悪用される可能性: 0.22% 私の判断は正しかったわ。 これ狙うのが容易だから緊急性あると判断したが、これ使ってたら見逃してただろう https://t.co/lVOWm85v3o

    @lyiase

    24 Apr 2025

    809 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. CVE-2025-42599 : Active! Mail RCE flaw exploited in attacks on Japanese orgs https://t.co/ooVrv0qtFy

    @freedomhack101

    24 Apr 2025

    51 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  14. Active! mailの脆弱性「CVE-2025-42599」を考察 | トレンドマイクロ (JP) - Trend Micro https://t.co/xEMRqBsEld #izumino_trend

    @sec_trend

    23 Apr 2025

    55 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. 🚨Alert🚨 CVE-2025-42599 : An Active! Mail Zero-Day Remote Code Execution https://t.co/7pTkYIsKnC affects Active! mail 6 BuildInfo: 6.60.05008561 and earlier versions. 📊1.3K+ Services are found on the https://t.co/ysWb28Crld yearly. 🔗Hunter Link:https://t.co/KdE7rJFb5z 👇Query

    @HunterMapping

    23 Apr 2025

    2395 Impressions

    13 Retweets

    41 Likes

    16 Bookmarks

    0 Replies

    0 Quotes

  16. Active! MailのRCE脆弱性、日本の組織への攻撃で悪用される(CVE-2025-42599) https://t.co/pvAOqLLkR2 #Security #セキュリティ #ニュース

    @SecureShield_

    23 Apr 2025

    130 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. 🚨 A critical RCE vulnerability (CVE-2025-42599) in Active! Mail is being exploited in Japan, impacting many organizations. CVSS: 9.8. Users should update to version 6.60. 🚀 #Japan #ActiveMail #DataBreach link: https://t.co/gzAJhTZzLA https://t.co/at8peITsJZ

    @TweetThreatNews

    23 Apr 2025

    29 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. 🚨 Zero-day in Active! Mail (CVE-2025-42599) is under active attack in Japan, leading to RCE. If you're using Active! Mail, especially in Japan, update ASAP! ➡️ Patch now to protect against potential breaches. #Cybersecurity #ZeroDay #RCE https://t.co/U728SkB6aq

    @fernandokarl

    22 Apr 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. Active! Mailの脆弱性CVE-2025-42599が海外でも話題に。日本への大企業への攻撃で使用されたとの記載のほか、カゴヤインターネットやWADAXがサービスを停止したことが記載されている。マクニカの @nekono_naha 氏は少なくとも227インスタンスがインターネットに露出と指摘。 https://t.co/7jIrd3kqox

    @__kokumoto

    22 Apr 2025

    6698 Impressions

    29 Retweets

    68 Likes

    23 Bookmarks

    0 Replies

    1 Quote

  20. [CVE-2025-42599: CRITICAL] Critical vulnerability in Active! mail 6 BuildInfo: 6.60.05008561 & earlier allows remote attackers to execute arbitrary code or cause denial of service. Update ASAP to stay secure.#cve,CVE-2025-42599,#cybersecurity https://t.co/M2BPkUeIbF https://t

    @CveFindCom

    22 Apr 2025

    145 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  21. 🚨 Threat Alert: IIJ Cyberattack via Active! mail Zero-Day Vulnerability (CVE-2025-42599) 📅 Date: 2025-04-15 📆 Timeline: Attack disclosed on April 15, 2025; traces of unauthorized access from August 3, 2024. 📍 Location: Japan 📌 Attribution: Mandiant attributes the exploit

    @syedaquib77

    21 Apr 2025

    339 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    3 Replies

    0 Quotes

  22. CVE-2025-42599: Critical Buffer Overflow in Active! mail Exploited in the Wild - https://t.co/lkgoVIWsKu

    @moton

    21 Apr 2025

    88 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. IIJ セキュアMXサービスの漏洩のやつ… Active Mail の脆弱性(CVE-2025-42599)が関係しているのかはっきりプレスリリース出してほしい感ある…

    @umiushizn

    21 Apr 2025

    406 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. A critical vulnerability (CVE-2025-42599) in Active! mail allows remote attackers to execute arbitrary code, risking data breaches and service disruptions. Update now! ⚠️ #CVE2025 #DataSecurity #Japan link: https://t.co/4DdNPiiYFr https://t.co/PSJnwJgTxR

    @TweetThreatNews

    21 Apr 2025

    315 Impressions

    0 Retweets

    1 Like

    1 Bookmark

    0 Replies

    0 Quotes

  25. CVE-2025-42599: Critical Buffer Overflow in Active! mail Exploited in the Wild https://t.co/b2dKFiLp5g

    @Dinosn

    21 Apr 2025

    3579 Impressions

    2 Retweets

    17 Likes

    11 Bookmarks

    0 Replies

    0 Quotes

  26. IIJの情報漏洩は国産WebメールのActive! mail(CVE-2025-42599)だそうですが、企業環境で利用されているソフトウェアの脆弱性に起因したインシデントとのこと。これを防ぐことは非常に難しい一方で、未知の攻撃であっても気付く為の監視が必要だと感じます。 https://t.co/cwZz8Mlmn3

    @x64koichi

    21 Apr 2025

    13556 Impressions

    28 Retweets

    124 Likes

    40 Bookmarks

    2 Replies

    0 Quotes

  27. IIJへの不正アクセスによるサイバー攻撃、Active! mailのゼロデイ脆弱性を悪用か(CVE-2025-42599) #セキュリティ対策Lab #セキュリティ #Security https://t.co/LgWplBmE1I

    @securityLab_jp

    21 Apr 2025

    833 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  28. 「Active! mail 6」の修正版(BuildInfo: 6.60.06008562)をリリース スタックベースのバッファオーバーフローという深刻な脆弱性への対応です。攻撃により、任意コードの実行やサービス停止(DoS)が可能になるため、ただちにアップデートするよう強く推奨しています。 CVE-2025-42599 CVSS 9.8 https://t.co/yq6PgLI10C

    @t_nihonmatsu

    19 Apr 2025

    10676 Impressions

    7 Retweets

    12 Likes

    2 Bookmarks

    0 Replies

    1 Quote

  29. 🚨 CVE-2025-42599 ⚠️🔴 CRITICAL (9.8) 🏢 QUALITIA CO., LTD. - Active! mail 6 🏗️ BuildInfo: 6.60.05008561 and earlier 🔗 https://t.co/UUeaxYFonJ 🔗 https://t.co/rVj7EM3u4w #CyberCron #VulnAlert #InfoSec https://t.co/UFQezOiQmB

    @cybercronai

    18 Apr 2025

    16 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  30. JPCERT/CCが悪用が確認された脆弱性 #KEV を注意喚起しました。 CVE-2025-42599 Active! mailにおけるスタックベースのバッファオーバーフローの脆弱性 ============= CVSSスコア:9.8 (Base) / JPCERT/CC CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 種別:その他(CWE-Other / IPA)

    @piyokango

    18 Apr 2025

    11455 Impressions

    44 Retweets

    106 Likes

    28 Bookmarks

    0 Replies

    3 Quotes

  31. 国産WebメールのActive! mailでCVE-2025-42599が悪用され国内でも侵害が確認されているとのこと。Shodan等で攻撃対象面のWebログイン画面露出サーバを調査すると捕捉漏れ可能性ありますがユニークIPで227台を発見、内63台が学校系での利用です。 https://t.co/dU8iKleX9G https://t.co/JLfQVTakX7

    @nekono_naha

    18 Apr 2025

    25939 Impressions

    216 Retweets

    376 Likes

    113 Bookmarks

    0 Replies

    8 Quotes

  32. Active! mail! でスタックベースのバッファオーバーフローの脆弱性 既にゼロデイ攻撃に悪用を確認(CVE-2025-42599) #セキュリティ対策Lab #セキュリティ #Security https://t.co/gIN4R1bLmF

    @securityLab_jp

    18 Apr 2025

    330 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations