"In an advisory published on Thursday, the NSA said that the Sandworm
group was actively exploiting a vulnerability in Exim, an open-source mail
transfer agent for Unix-based operating systems. Tracked as
CVE-2019-10149, the critical bug makes it possible for an unauthenticated
remote attacker to send specially crafted emails that execute commands
with root privileges."