CVE-2025-34418
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-10

Last updated on: 2025-12-10

Assigner: VulnCheck

Description
MailEnable versions prior to 10.54 contain an unsafe DLL loading vulnerability that can lead to local arbitrary code execution. The MailEnable administrative executable attempts to load MEAIMF.DLL from its installation directory without sufficient integrity validation or a secure search order. A local attacker with write access to that directory can plant a malicious MEAIMF.DLL, which is then loaded when the executable starts, resulting in execution of attacker-controlled code with the privileges of the process.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-10
Last Modified
2025-12-10
Generated
2026-05-06
AI Q&A
2025-12-10
EPSS Evaluated
2026-05-05
NVD
CVE-2025-34418
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
mailenable mailenable *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-427 The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an unsafe DLL loading issue in MailEnable versions prior to 10.54. The MailEnable administrative executable loads a DLL named MEAIMF.DLL from its installation directory without properly verifying its integrity or using a secure search order. A local attacker who has write access to that directory can place a malicious MEAIMF.DLL file there. When the executable starts, it loads this malicious DLL, allowing the attacker to execute arbitrary code with the privileges of the process.


How can this vulnerability impact me? :

This vulnerability can allow a local attacker with write access to the MailEnable installation directory to execute arbitrary code with the privileges of the MailEnable administrative process. This could lead to unauthorized actions on the system, potentially compromising the server or gaining elevated privileges.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection involves checking the MailEnable installation directory for the presence of a suspicious or unauthorized MEAIMF.DLL file that could be maliciously planted. Since the vulnerability requires local write access to the directory, verifying file integrity and permissions on MEAIMF.DLL is critical. Commands to list and verify the DLL include: 1) On Windows, use 'dir /a /b "<MailEnable_install_dir>\MEAIMF.DLL"' to check if the DLL exists. 2) Use 'icacls "<MailEnable_install_dir>\MEAIMF.DLL"' to review permissions. 3) Use 'sigcheck' or 'Get-AuthenticodeSignature' PowerShell cmdlet to verify the digital signature of MEAIMF.DLL. 4) Monitor process loads or use tools like Process Monitor to detect if MEAIMF.DLL is loaded unexpectedly. These steps help identify if the DLL has been tampered with or replaced by an attacker.


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include: 1) Restrict write permissions to the MailEnable installation directory to prevent unauthorized users from placing or modifying MEAIMF.DLL. 2) Upgrade MailEnable to version 10.54 or later, where this unsafe DLL loading vulnerability is fixed. 3) Monitor and audit the directory for unexpected changes to MEAIMF.DLL. 4) Consider running the MailEnable administrative executable with the least privileges necessary to limit impact if exploited.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart