NCSC supports US advisory regarding GRU intrusion set
Sandworm
Published: 2020-05-28 · Archived: 2026-04-06 01:12:29 UTC
News
The US National Security Agency has today published an advisory regarding the GRU - the Russian military
intelligence service.
iStock.com/Jane_Kelly
The advisory relates to the ongoing exploitation of Exim vulnerability CVE-2019-10149 by the GRU.
To mitigate the CVE -2019-10149 vulnerability, providers should update Exim immediately by installing version
4.93 or newer.
The NCSC has previously published an advisory providing details of a number of Exim mail server vulnerabilities
and mitigation advice.
A spokesperson for the NCSC said:
“We support the findings published today in the NSA advisory’s regarding the GRU intrusion set known as
‘Sandworm’.
“We have notified UK providers affected by this activity and have recommended they protect users by patching
the vulnerability.
“The UK and its allies will continue to expose those who conduct hostile and destabilising cyber attacks.”
Published
Publish date
28 May 2020
News type
https://www.ncsc.gov.uk/news/ncsc-supports-sandworm-advisory
Page 1 of 2

Statement
Source: https://www.ncsc.gov.uk/news/ncsc-supports-sandworm-advisory
https://www.ncsc.gov.uk/news/ncsc-supports-sandworm-advisory
Page 2 of 2