I was caught off guard recently by this post on the official Interspire Forums:
So, a good friend and IEM user decided to contact the person who sent this email to see if he could learn more about the exploit being used.
The sender, who I will refer to as the “hacker” moving forward responded to the inquiry. He is essentially selling a guide to “how to hack IEM” which allows anyone to enter any IEM install and use it as if the user had a system admin account. You can send email, export contacts etc. The price for this valuable hacker guide… $7000.
In doing some searching we found this previous thread in the official Interspire Forum:
So, my friend decided to put it to a test. He asked the hacker to prove it could be done and directed him to an IEM install version 6.1.5. The hacker returned with proof of the results. It was definitive. He had full access to everything in the install.
Next my friend directed him to an IEM install version 6.1.6. The hacker was unable to penetrate.
So there you have it. You had better upgrade to 6.1.6.