# Security Updates - CVE-2020-10541 | ManageEngine OpUtils

## CVE-2020-10541

### Remote Code Execution (RCE) vulnerability in Mail Server Settings v1 APIs

## Vulnerability Details

| Field | Details |
|---|---|
| Impact | **CVSS V3 rating: NA** |
| Reported | 13th March 2020 |
| Reported by | Jason Nordenstam |
| Fixed | 13th March 2020 |
| Affected Builds | Builds till 124171 |
| Fixed in | Build 124172 |
| Overview | Remote Code Execution (RCE) vulnerability in Mail Server Settings |
| Recommended Fix | **Upgrade to [OpUtils Version 12.4.172](https://www.manageengine.com/products/oputils/service-packs.html?124172cve) or above.** |

### Description

The obsolete code causing Remote Code Execution (RCE) vulnerability in Mail Server Settings v1 APIs have been removed.

We recommend that you [upgrade to OpUtils version 12.4.172](https://www.manageengine.com/products/oputils/service-packs.html?124172cve) or contact our support team at [oputils-support@manageengine.com](mailto:oputils-support@manageengine.com) to fix this issue.

### Source and Acknowledgements

Find out more about CVE-2020-10541 from the [CVE dictionary](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10541).

### Need Help?

For clarification or corrections please contact our [support team](https://www.manageengine.com/network-monitoring/support.html) or email us at [oputils-support@manageengine.com](mailto:oputils-support@manageengine.com).