CVE-2025-42599: Critical Buffer Overflow in Active! mail Exploited in the Wild

A severe security vulnerability has been identified in Active! mail, a product of QUALITIA CO., LTD., posing a significant risk to affected systems. The Japan Computer Emergency Response Team (JPCERT) has issued an advisory detailing the flaw, tracked as CVE-2025-42599, which carries a critical CVSS score of 9.8.

The vulnerability is described as a stack-based buffer overflow. This type of flaw occurs when a program writes more data to a buffer located on the stack than it is allocated to hold. In the context of Active! mail, this can have dire consequences.

The affected product is:

• Active! mail 6 BuildInfo: 6.60.05008561 and earlier

According to the JPCERT advisory, “Receiving a specially crafted request created and sent by a remote unauthenticated attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition“.

This means that a remote attacker, without needing any login credentials, could potentially execute malicious code on the server or crash the service, leading to a complete disruption of email services. The possibility of arbitrary code execution is particularly alarming, as it could allow attackers to gain full control of the affected server, steal sensitive data, install malware, or use it as a launchpad for further attacks.

It is crucial to emphasize that the developer has stated that “attacks exploiting the vulnerability has been observed“.

To address this critical vulnerability, QUALITIA CO., LTD. has released a patched version of Active! mail. The specific patched version is:

• Active! mail 6 BuildInfo: 6.60.06008562

Recommendations

Given the severity of CVE-2025-42599 and the fact that it is being actively exploited, organizations using Active! mail are strongly urged to take the following actions:

• Immediate Update: Prioritize updating Active! mail to version 6 BuildInfo: 6.60.06008562. This should be done as soon as possible to mitigate the risk of exploitation.
• Security Audit: Conduct a thorough security audit of the affected systems to check for any signs of compromise.
• Network Monitoring: Implement enhanced network monitoring to detect and block any malicious requests targeting the Active! mail server.

Related Posts:

• Linux Kernel Vulnerability Exposes Local Systems to Privilege Escalation, PoC Published
• Buffer Overflows Vulnerabilities: CISA & FBI Issue Urgent Warning
• Some third-party mail app allow employees to read user mails
• iOS 18.3.2 Bug? iCloud Mail Push Notifications Broken