Cyber Resilience

CVE-2025-42599

Critical · CISA KEV · Active Exploitation · EUVD Exploited

Published: 18 April 2025

Modified: 24 October 2025
KEV Added: 28 April 2025
Patch
CVSS Score v3.1: 9.8 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0790 (92.2th percentile)
Risk Priority: 44 (60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2025-42599 is a critical-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Qualitia Active! mail. Its CVSS base score is 9.8 (Critical).

Operationally, it ranks in the top 7.8% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.

The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).

Deeper analysis

Active! mail 6 BuildInfo 6.60.05008561 and earlier contains a stack-based buffer overflow vulnerability, tracked as CVE-2025-42599 and classified as CWE-121. The flaw carries a CVSS 3.1 score of 9.8 and affects the mail server component that processes incoming requests.

A remote unauthenticated attacker can send a specially crafted request over the network to trigger the overflow, resulting in arbitrary code execution or a denial-of-service condition without any user interaction or credentials.

Vendor and coordination advisories are available at the Qualitia and JVN references, while CISA has added the CVE to its Known Exploited Vulnerabilities catalog, confirming observed exploitation in the wild. The associated EPSS score has remained near 0.08 with only a minor peak of 0.0878.

EU & UK References

Vulnerability details

Active! mail 6 BuildInfo: 6.60.05008561 and earlier contains a stack-based buffer overflow vulnerability. Receiving a specially crafted request created and sent by a remote unauthenticated attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition.

CWE(s)
KEV Date Added: 28 April 2025

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: qualitia
Product: active! mail
Version: ≤ 6.60.05008562

Mitigating Controls

Mitigating Controls (NIST 800-53 r5)

prevent

Directly requires timely remediation of known vulnerabilities such as this remotely exploitable buffer overflow before attackers can reach the affected mail server.

prevent

Mandates validation of all input to reject malformed requests that trigger the stack-based buffer overflow (CWE-121).

prevent

Requires memory-protection mechanisms that can block or contain exploitation of stack buffer overflows leading to arbitrary code execution.

References