Stack-Based Buffer Overflow in Active! mail by Qualitia
CVE-2025-42599
Key Information:
- Vendor: Qualitia Co., Ltd.
- CVE Published: 18 April 2025
What is CVE-2025-42599?
CVE-2025-42599 is a vulnerability identified in Active! mail, a product developed by Qualitia Co., Ltd. Designed for email management, Active! mail is utilized by organizations to streamline communication processes. The vulnerability involves a stack-based buffer overflow, which could allow remote, unauthenticated attackers to exploit the system. If successfully executed, this could result in severe repercussions for organizations, including arbitrary code execution or denial-of-service (DoS) conditions, compromising the integrity and availability of email services vital for business operations.
Technical Details
CVE-2025-42599 specifically affects Active! mail versions 6 BuildInfo: 6.60.05008561 and earlier. The vulnerability arises when the application processes specially crafted requests sent by an attacker. Due to the nature of the buffer overflow, the application could overwrite critical areas in memory, leading to unexpected behavior. This could enable attackers to execute arbitrary code, manipulate data, or cause service interruptions.
Potential impact of CVE-2025-42599
- Arbitrary Code Execution: Attackers could leverage the vulnerability to run unauthorized commands, potentially leading to full system compromise, data exfiltration, or the installation of malicious software.
- Denial of Service (DoS): The exploitation of this vulnerability could result in service disruptions, rendering the email system inoperable. This could severely impact organizational communication and productivity.
- Data Integrity Risks: The ability to execute arbitrary code may allow attackers to alter, delete, or corrupt data handled by the Active! mail system, posing significant risks to data integrity and compliance with regulatory requirements.
CISA has reported CVE-2025-42599
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified CVE-2025-42599 as being exploited, but it is not known by CISA to be used in ransomware campaigns. This is subject to change at pace.
CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Affected Version(s)
Active! mail 6 BuildInfo: 6.60.05008561 and earlier
EPSS Score
14% chance of being exploited in the next 30 days.
Timeline
- 📰 First article discovered by CISA (.gov)
- 👾 Exploit known to exist
- 🦅 CISA Reported
- 🥇 Vulnerability reached the number 1 worldwide trending spot
- 📈 Vulnerability started trending
- Vulnerability published
- Vulnerability Reserved