CVE-2025-42599
Published: 18 April 2025
Summary
CVE-2025-42599 is a critical-severity Stack-based Buffer Overflow (CWE-121) vulnerability in Qualitia Active! mail. Its CVSS base score is 9.8 (Critical).
Operationally, it ranks in the top 7.8% of CVEs by exploit likelihood, and CISA has added it to the Known Exploited Vulnerabilities catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-2 (Flaw Remediation).
Deeper analysis
Active! mail 6 BuildInfo 6.60.05008561 and earlier contains a stack-based buffer overflow vulnerability tracked as CVE-2025-42599 and CWE-121. The flaw carries a CVSS 3.1 score of 9.8 and affects the mail server component that processes incoming requests.
A remote unauthenticated attacker can send a specially crafted request over the network to trigger the overflow, resulting in arbitrary code execution or a denial-of-service condition without any user interaction or credentials.
Vendor and coordination advisories are available at the Qualitia and JVN references, while CISA has added the CVE to its Known Exploited Vulnerabilities catalog, confirming observed exploitation in the wild. The associated EPSS score has remained near 0.08 with only a minor peak of 0.0878.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-11849
Vulnerability details
Active! mail 6 BuildInfo: 6.60.05008561 and earlier contains a stack-based buffer overflow vulnerability. Receiving a specially crafted request created and sent by a remote unauthenticated attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition.
- CWE(s)
- KEV Date Added: 28 April 2025
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
Directly requires timely remediation of known vulnerabilities such as this remotely exploitable buffer overflow before attackers can reach the affected mail server.
Mandates validation of all input to reject malformed requests that trigger the stack-based buffer overflow (CWE-121).
Requires memory-protection mechanisms that can block or contain exploitation of stack buffer overflows leading to arbitrary code execution.