CVE-2023-42114
Published: 03 May 2024
Summary
CVE-2023-42114 is a medium-severity Out-of-bounds Read (CWE-125) vulnerability in Exim. Its CVSS base score is 5.3 (Medium).
Operationally, it is ranked in the top 5.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
CVE-2023-42114 is an out-of-bounds read vulnerability in Exim that permits information disclosure. The flaw resides in the handling of NTLM challenge requests, where insufficient validation of user-supplied data allows a read past the end of an allocated structure. It affects Exim installations and carries a CVSS score of 5.3 under CWE-125.
Remote attackers can exploit the issue without authentication or user interaction by sending crafted NTLM challenge requests, resulting in disclosure of sensitive information in the context of the Exim service account.
The Zero Day Initiative advisory (originally tracked as ZDI-CAN-17433) and the Debian LTS announcement detail the vulnerability and direct administrators to apply available updates for affected Exim versions. The EPSS score has remained flat at 0.1389 with no material increase since disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-46573
Vulnerability details
Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NTLM challenge requests. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated data structure. An attacker can leverage this vulnerability to disclose information in the context of the service account. Was ZDI-CAN-17433.
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.