Active! Mail RCE flaw exploited in attacks on Japanese orgs - #CVE-2025-42599
A critical buffer overflow vulnerability (CVE-2025-42599) has been discovered in Active! mail, a widely used web-based email client in Japan, affecting versions up to 6.60.05008561. With a CVSS score of 9.8, this flaw allows unauthenticated remote attackers to execute arbitrary code or cause denial-of-service conditions. The vulnerability is being actively exploited, targeting large corporations, universities, government agencies, and banks. In response, QUALITIA CO., LTD. has released an updated version (6.60.06008562) to address the issue. Japan's CERT has confirmed the exploitation and recommended immediate updates and mitigation steps, including configuring Web Application Firewalls. Security researchers have identified at least 227 potentially vulnerable internet-exposed Active! servers, with 63 being used by universities.