The Exim mail transfer agent software is impacted by a critical severity vulnerability present in versions 4.80 up to and including 4.92.1. The bug allows local or unauthenticated remote attackers to execute programs with root privileges on servers that accept TLS connections. The flaw tracked as CVE-2019-15846 initially reported by ‘Zerons’ on July 21 and analyzed by Qualys’ research team is “exploitable by sending an SNI ending in a backslash-null sequence during the initial TLS handshake”””
Source: https://www.bleepingcomputer.com/news/security/critical-exim-tls-flaw-lets-attackers-remotely-execute-commands-as-root/