We are scanning & reporting IceWarp CVE-2025-14500 (CVSS 9.8, pre-auth command injection RCE) instances. 1278 IPs seen 2026-03-01 (version based check).
Patch info: https://support.icewarp.com/hc/en-us/community/posts/40040980098705-EPOS-Update-2-build-9-14-2-0-9
IP data in https://www.shadowserver.org/what-we-do/network-reporting/vulnerable-http-report/
Dashboard World Map view: https://dashboard.shadowserver.org/statistics/combined/map/?date_range=1&map_type=std&source=http_vulnerable&source=http_vulnerable6&tag=cve-2025-14500%2B&data_set=count&scale=log&auto_update=on
If you receive an alert from us, please update!
NVD entry: https://nvd.nist.gov/vuln/detail/cve-2025-14500
Background: https://www.zerodayinitiative.com/advisories/ZDI-25-1072/