Type
Campaign
Actors
Pub. date
May 28, 2020
Initial access
1-day vulnerability
Impact
Targeted technologies
Status
Stub
Last edited
Jun 2, 2024 8:02 AM
On May 28, 2020, the NSA released a cybersecurity advisory on Russian APT group Sandworm exploiting CVE-2019-10149, a vulnerability in Exim Mail Transfer Agent (MTA) software. An unauthenticated remote attacker can use this vulnerability to send a specially crafted email to execute commands with root privileges, allowing the attacker to install programs, modify data, and create new accounts.