Alert: CISA Warns of Active ‘Roundcube’ Email Attacks – Patch Now

Feb 13, 2024NewsroomVulnerability / Email Security

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.

The issue, tracked as CVE-2023-43770 (CVSS score: 6.1), relates to a cross-site scripting (XSS) flaw that stems from the handling of linkrefs in plain text messages.

“Roundcube Webmail contains a persistent cross-site scripting (XSS) vulnerability that can lead to information disclosure via malicious link references in plain/text messages,” CISA said.


According to a description of the bug on NIST’s National Vulnerability Database (NVD), the vulnerability impacts Roundcube versions before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3.

The flaw was addressed by Roundcube maintainers with version 1.6.3, which was released on September 15, 2023. Zscaler security researcher Niraj Shivtarkar has been credited with discovering and reporting the vulnerability.

It’s currently not known how the vulnerability is being exploited in the wild, but flaws in the web-based email client have been weaponized by Russia-linked threat actors like APT28 and Winter Vivern last year.

U.S. Federal Civilian Executive Branch (FCEB) agencies have been mandated to apply vendor-provided fixes by March 4, 2024, to secure their networks against potential threats.

Found this article interesting? Follow us on Twitter and LinkedIn to read more exclusive content we post.
Cyber Security

Articles You May Like

Apple’s 4th Generation AirPods, AirPods Max Could Arrive in Late 2024: Report
U.S. Offers $15 Million Bounty to Hunt Down LockBit Ransomware Leaders
Gboard Tests ‘Scan Text’ Feature to Insert Text from Captured Images: How it Works
Elden Ring’s Shadow of Erdtree Expansion to Get Gameplay Reveal Trailer on February 21
A New Age of Hacktivism

Leave a Reply

Your email address will not be published. Required fields are marked *