A critical vulnerability (CVE-2019-10149) was found in Exim mail server. It allows to execute some code on victim's server with root privileges. This vulnerability affects versions from 4.87 to 4.91. If you are using Exim and haven't ordered managed service, you should urgently upgrade your version of Exim to 4.92.
General questions about VestaCP
In centos iptables status is retrived with package iptables-services
If you not have it installed my vesta show it as off, but iptables will runing and working fine.
So check if you have iptables-services installed if not just install it
yum install iptables-services