“We would like to thank the Roundcube developers for their quick reply and for patching the vulnerability in such a short time frame,” ESET Research said. ESET said it contacted Roundcube about the vulnerability and that it was patched within a few days. The report also claimed that the victims did not have to interact with the email to trigger the exploit, as it was activated simply by viewing the message in a web browser. “The vulnerability can be used to load arbitrary JavaScript code in the Roundcube webpage, allowing an attacker to access and exfiltrate user’s data such as email messages,” ESET Research said on X. This email was “specially crafted” to trigger the exploit. The report claims Winter Vivern was able to exploit the vulnerability by sending a “legitimate-looking email” about Microsoft Outlook. The report claims that a threat actor known as Winter Vivern began exploiting a Roundcube mail vulnerability to target government entities and a think tank earlier this month.
ESET Research claims this exploit let cyberattackers steal data if a victim simply viewed the malicious email in a web browser.Ī pro-Russian hacking group used a Roundcube exploit to target the emails of European governments, according to a new report by ESET Research.
