Guess by now you have heard about the Exim vulnerability on version 4.91 and earlier. Exim mail server is widely used in cPanel. If you are using cPanel with the latest updates, your Exim is probably patched.
You can ensure the cPanel Exim is patched by logging to your VPS or server as root through SSH Type this command:
rpm -q --changelog exim | grep CVE-2019-15846
If you get a response like this – Applied upstream patch for CVE-2019-15846
Your Exim is patched with the new build 4.92 #5
However, for those still using EA3, the update is blocked and you need to migrate to EA4. You can do it from your WHM. The migration from EA3 to EA4 is pretty straight forward. The only reason, some is still in EA3 is because they have concerns on their website PHP compatibility since EA4 support minimum PHP 5.5 which is EOL too.
We strongly recommended you should upgrade to EA4 to get the Exim update immediately. Alternatively, if you have to use a lower PHP version, you can consider using CloudLinux since they have hardened the lower PHP versions ad the lower versions are available from the PHP selector.