Zero-Click FreeScout Bug Enables Remote Code Execution
ATT&CK techniques detected
T1190Exploit Public-Facing Application
91%
"zero - click freescout bug enables remote code execution security researchers have urged freescout customers to patch a maximum - severity remote code execution ( rce ) vulnerability which needs no user interaction to achieve full system compromise. cve ‑ 2026 ‑ 28289 ( mail2shel…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1195Supply Chain Compromise
37%
"day disclosure policy was designed to ensure vendors have more time to perform root cause and variant analysis. in 2022, trend micro ’ s zero day initiative ( zdi ) also complained about poor patch quality across industry, warning that it could be costing customers upwards of $ 4…"
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Ox Security warns that Mail2Shell could enable threat actors to hijack FreeScout systems without user interaction