PT-2024-26367 · Unknown · Stalwart Mail Server

Lukaslihotzki · Published 2024-05-16 · Updated 2024-05-17 · CVE-2024-35187

CVSS v3.1: 9.1 (Critical)
Vector: AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Stalwart Mail Server versions prior to 0.8.0

Description: The issue affects Stalwart Mail Server, an open-source mail server, where attackers who achieved Arbitrary Code Execution as the stalwart-mail user, including web interface admins, can gain complete root access to the system. This is because the service, although run as a separate user, can regain full privileges, making the usual protection against such attacks ineffective. Server admins who provided admin credentials to the mail server without intending to grant complete root access, as well as users attacked via another vulnerability leading to Arbitrary Code Execution, may be vulnerable.

Recommendations: For versions prior to 0.8.0, update to version 0.8.0 or later to patch the issue. As a temporary workaround, consider restricting access to the mail server and its admin credentials to minimize the risk of exploitation. Ensure that system services are properly isolated to prevent the escalation of privileges in case of a successful attack.

Weakness Enumeration

Incorrect Authorization

Related Identifiers

CVE-2024-35187
GHSA-RWP5-F854-PPG6

Affected Products

Stalwart Mail Server