A Police Cyber Protect Initiative
The Police Cyber Protect team within the South-East Regional Organised Crime Unit (SEROCU) are working with industry, academia and other law enforcement partners in developing a free, innovative and pro-active network vulnerability notification service under Operation Configured.
Operation Configured is a programme that identifies those organisations within the region, that online research indicates have one or more known cyber vulnerabilities or otherwise at risk of being exploited and notifying those organisations so that they can mitigate the risk prior to potential cyber-attacks. The purpose of Operation Configured is to prevent cyber-criminals from having sufficient opportunity to exploit these vulnerabilities, thereby reducing the likelihood of an cyber-attack or the impact of one.
The South-East region involved in this pilot phase is Hampshire, Surrey, West Sussex, East Sussex, Berkshire, Oxfordshire and Buckinghamshire. However, due to lack of information in the open source data to accurately establish the geographic location of organisations on the internet, it is possible those outside these counties may be contacted.
IMPORTANT: While SEROCU are notifying organisations of this vulnerability, Officers from the team will NOT be asking for any information or other details. They will only be providing information. Any unsolicited contact claiming to be from the Police should always be treated with caution. For more information read about Verifying Authenticity.
The following vulnerabilities or risks are or have been reviewed and notifications are currently being sent to organisations who may be affected by these. If you know the name or CVE number for the vulnerability you have been notified of, you can also use the search box.
EXIM Vulnerability (CVE-2019-10149)
The vulnerability described on this and the following pages affects various Exim products between versions Exim 4.87 – 4.91. If you use EXIM between 4.87 – 4.91) as a Mail Transfer Agent, you may be at risk of these vulnerabilities.
Draytek Vigor Router Vulnerability (CVE-2022-32548)
The vulnerability described on this and the following pages affects various models of ‘Draytek Vigor’ routers which have not had the firmware updated and the list below details the affected models and firmware versions.
EXIM Vulnerability (CVE-2019-13917)
The vulnerability described on this and the following pages affects various Exim products between versions Exim 4.87 – 4.91. If you use EXIM between 4.85 – 4.92) as a Mail Transfer Agent, you may be at risk of these vulnerabilities.
A series of 3 vulnerabilities collectively known as Proxyshell. They affect various versions of ‘on-premise’ Microsoft Exchange email server and the potential is impact rated as critical.
A series of 4 vulnerabilities collectively known as Proxylogon. They affect various versions of ‘on-premise’ Microsoft Exchange email server and the potential is impact rated as critical.