CVE-2025-42599
Published Apr 18, 2025
Last updated 9 days ago
AI description
CVE-2025-42599 is a stack-based buffer overflow vulnerability found in Active! mail 6 BuildInfo version 6.60.05008561 and earlier. This vulnerability can be exploited by a remote, unauthenticated attacker sending a specially crafted request. Successful exploitation could lead to arbitrary code execution or a denial-of-service (DoS) condition.
- Description
- Active! mail 6 BuildInfo: 6.60.05008561 and earlier contains a stack-based buffer overflow vulnerability. Receiving a specially crafted request created and sent by a remote unauthenticated attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition.
- Source
- vultures@jpcert.or.jp
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
CVSS 3.0
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Qualitia Active! Mail Stack-Based Buffer Overflow Vulnerability
- Exploit added on
- Apr 28, 2025
- Exploit action due
- May 19, 2025
- Required action
- Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- vultures@jpcert.or.jp
- CWE-121
- Hype score
- Not currently trending
Active! mail の脆弱性 CVE-2025-42599 が FIX:任意のコード実行やサービス拒否の可能性 https://t.co/qlLxnyopig 本ブログでは初登場の Active! mail ですが、公式 Web サイトによると、これまでに累計
@iototsecnews
6 May 2025
131 Impressions
2 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Qualitia Sécurité, La CISA confirme l’exploitation active de la Vulnérabilité CVE-2025-42599 dans Active! Mail. Alerte CISA publiée le 28 avril 2025 dans son catalogue KEV. https://t.co/KYIzxWadv3
@NicolasCoolman
5 May 2025
75 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-42599
@transilienceai
3 May 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CISAのKEVにQualitia Active! Mail 脆弱性(CVE-2025-42599)CVSS9.8 Critical が登録されました。 スタックベースのバッファオーバーフローにより、遠隔・未認証の攻撃者が「任意コード実行」や「DoS攻撃」を起こせるリスク
@t_nihonmatsu
29 Apr 2025
358 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-42599
@transilienceai
29 Apr 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
JPCERTから先日注意喚起が出されていたActive! Mail の脆弱性(CVE-2025-42599)がCISAの悪用が確認されている脆弱性カタログにも追加されましたね。 https://t.co/beFrNTiPdL
@ntsuji
29 Apr 2025
7571 Impressions
9 Retweets
36 Likes
4 Bookmarks
1 Reply
1 Quote
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-42599 #Qualitia Active! Mail Stack-Based Buffer Overflow Vulnerability https://t.co/V2woxlf8ZE
@ScyScan
28 Apr 2025
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Active mail の脆弱性 / CVE-2025-42599 がKEVに登録されました Active! mail 6 BuildInfo: https://t.co/KHPMbAGQB2
@shojiueda
28 Apr 2025
206 Impressions
0 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
🛡️ We added Brocade Fabric OS, Commvault Web Server & Qualitia Active! mail vulnerabilities CVE-2025-1976, CVE-2025-3928 & CVE-2025-42599 to our Known Exploited Vulnerabilities Catalog. Visit https://t.co/myxOwap1Tf & apply mitigations to protect your org from c
@CISACyber
28 Apr 2025
7101 Impressions
35 Retweets
56 Likes
8 Bookmarks
2 Replies
1 Quote
Actively exploited CVE : CVE-2025-42599
@transilienceai
28 Apr 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-42599の影響だけど、身近で起こっている感じなので、職場で利用しているパスワードを個人用で使い回してたら超危険です。まずは速攻で変更しましょう!二要素認証も忘れずに!
@hisao8000
25 Apr 2025
33 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
情報処理安全確保支援士の問2のEPSS値って信用足りるのかな?と思って 『Active! mailの脆弱性 (CVE-2025-42599)』 を見てみた https://t.co/gx9BtQNtby 30日以内に悪用される可能性: 0.22% 私の判断は正しかったわ。 これ狙うのが容易だから緊急性あると判断したが、これ使ってたら見逃してただろう https://t.co/lVOWm85v3o
@lyiase
24 Apr 2025
809 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-42599 : Active! Mail RCE flaw exploited in attacks on Japanese orgs https://t.co/ooVrv0qtFy
@freedomhack101
24 Apr 2025
51 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Active! mailの脆弱性「CVE-2025-42599」を考察 | トレンドマイクロ (JP) - Trend Micro https://t.co/xEMRqBsEld #izumino_trend
@sec_trend
23 Apr 2025
55 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨 CVE-2025-42599 : An Active! Mail Zero-Day Remote Code Execution https://t.co/7pTkYIsKnC affects Active! mail 6 BuildInfo: 6.60.05008561 and earlier versions. 📊1.3K+ Services are found on the https://t.co/ysWb28Crld yearly. 🔗Hunter Link:https://t.co/KdE7rJFb5z 👇Query
@HunterMapping
23 Apr 2025
2395 Impressions
13 Retweets
41 Likes
16 Bookmarks
0 Replies
0 Quotes
Active! MailのRCE脆弱性、日本の組織への攻撃で悪用される(CVE-2025-42599) https://t.co/pvAOqLLkR2 #Security #セキュリティ #ニュース
@SecureShield_
23 Apr 2025
130 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 A critical RCE vulnerability (CVE-2025-42599) in Active! Mail is being exploited in Japan, impacting many organizations. CVSS: 9.8. Users should update to version 6.60. 🚀 #Japan #ActiveMail #DataBreach link: https://t.co/gzAJhTZzLA https://t.co/at8peITsJZ
@TweetThreatNews
23 Apr 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Zero-day in Active! Mail (CVE-2025-42599) is under active attack in Japan, leading to RCE. If you're using Active! Mail, especially in Japan, update ASAP! ➡️ Patch now to protect against potential breaches. #Cybersecurity #ZeroDay #RCE https://t.co/U728SkB6aq
@fernandokarl
22 Apr 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Active! Mailの脆弱性CVE-2025-42599が海外でも話題に。日本への大企業への攻撃で使用されたとの記載のほか、カゴヤインターネットやWADAXがサービスを停止したことが記載されている。マクニカの @nekono_naha 氏は少なくとも227インスタンスがインターネットに露出と指摘。 https://t.co/7jIrd3kqox
@__kokumoto
22 Apr 2025
6698 Impressions
29 Retweets
68 Likes
23 Bookmarks
0 Replies
1 Quote
[CVE-2025-42599: CRITICAL] Critical vulnerability in Active! mail 6 BuildInfo: 6.60.05008561 & earlier allows remote attackers to execute arbitrary code or cause denial of service. Update ASAP to stay secure.#cve,CVE-2025-42599,#cybersecurity https://t.co/M2BPkUeIbF https://t
@CveFindCom
22 Apr 2025
145 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Threat Alert: IIJ Cyberattack via Active! mail Zero-Day Vulnerability (CVE-2025-42599) 📅 Date: 2025-04-15 📆 Timeline: Attack disclosed on April 15, 2025; traces of unauthorized access from August 3, 2024. 📍 Location: Japan 📌 Attribution: Mandiant attributes the exploit
@syedaquib77
21 Apr 2025
339 Impressions
0 Retweets
0 Likes
0 Bookmarks
3 Replies
0 Quotes
CVE-2025-42599: Critical Buffer Overflow in Active! mail Exploited in the Wild - https://t.co/lkgoVIWsKu
@moton
21 Apr 2025
88 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
IIJ セキュアMXサービスの漏洩のやつ… Active Mail の脆弱性(CVE-2025-42599)が関係しているのかはっきりプレスリリース出してほしい感ある…
@umiushizn
21 Apr 2025
406 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A critical vulnerability (CVE-2025-42599) in Active! mail allows remote attackers to execute arbitrary code, risking data breaches and service disruptions. Update now! ⚠️ #CVE2025 #DataSecurity #Japan link: https://t.co/4DdNPiiYFr https://t.co/PSJnwJgTxR
@TweetThreatNews
21 Apr 2025
315 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
CVE-2025-42599: Critical Buffer Overflow in Active! mail Exploited in the Wild https://t.co/b2dKFiLp5g
@Dinosn
21 Apr 2025
3579 Impressions
2 Retweets
17 Likes
11 Bookmarks
0 Replies
0 Quotes
IIJの情報漏洩は国産WebメールのActive! mail(CVE-2025-42599)だそうですが、企業環境で利用されているソフトウェアの脆弱性に起因したインシデントとのこと。これを防ぐことは非常に難しい一方で、未知の攻撃であっても気付く為の監視が必要だと感じます。 https://t.co/cwZz8Mlmn3
@x64koichi
21 Apr 2025
13556 Impressions
28 Retweets
124 Likes
40 Bookmarks
2 Replies
0 Quotes
IIJへの不正アクセスによるサイバー攻撃、Active! mailのゼロデイ脆弱性を悪用か(CVE-2025-42599) #セキュリティ対策Lab #セキュリティ #Security https://t.co/LgWplBmE1I
@securityLab_jp
21 Apr 2025
833 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
「Active! mail 6」の修正版(BuildInfo: 6.60.06008562)をリリース スタックベースのバッファオーバーフローという深刻な脆弱性への対応です。攻撃により、任意コードの実行やサービス停止(DoS)が可能になるため、ただちにアップデートするよう強く推奨しています。 CVE-2025-42599 CVSS 9.8 https://t.co/yq6PgLI10C
@t_nihonmatsu
19 Apr 2025
10676 Impressions
7 Retweets
12 Likes
2 Bookmarks
0 Replies
1 Quote
🚨 CVE-2025-42599 ⚠️🔴 CRITICAL (9.8) 🏢 QUALITIA CO., LTD. - Active! mail 6 🏗️ BuildInfo: 6.60.05008561 and earlier 🔗 https://t.co/UUeaxYFonJ 🔗 https://t.co/rVj7EM3u4w #CyberCron #VulnAlert #InfoSec https://t.co/UFQezOiQmB
@cybercronai
18 Apr 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
JPCERT/CCが悪用が確認された脆弱性 #KEV を注意喚起しました。 CVE-2025-42599 Active! mailにおけるスタックベースのバッファオーバーフローの脆弱性 ============= CVSSスコア:9.8 (Base) / JPCERT/CC CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 種別:その他(CWE-Other / IPA)
@piyokango
18 Apr 2025
11455 Impressions
44 Retweets
106 Likes
28 Bookmarks
0 Replies
3 Quotes
国産WebメールのActive! mailでCVE-2025-42599が悪用され国内でも侵害が確認されているとのこと。Shodan等で攻撃対象面のWebログイン画面露出サーバを調査すると捕捉漏れ可能性ありますがユニークIPで227台を発見、内63台が学校系での利用です。 https://t.co/dU8iKleX9G https://t.co/JLfQVTakX7
@nekono_naha
18 Apr 2025
25939 Impressions
216 Retweets
376 Likes
113 Bookmarks
0 Replies
8 Quotes
Active! mail! でスタックベースのバッファオーバーフローの脆弱性 既にゼロデイ攻撃に悪用を確認(CVE-2025-42599) #セキュリティ対策Lab #セキュリティ #Security https://t.co/gIN4R1bLmF
@securityLab_jp
18 Apr 2025
330 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:qualitia:active\\!_mail:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "FEDBA20F-0447-4160-A33C-9AA85CE37B59",
"versionEndExcluding": "6.60.05008562"
}
],
"operator": "OR"
}
]
}
]