CRITICAL🇵🇱 Wersja polska

CVE-2024-23614

CVSS 10.0v3.1pub. 2024-01-26upd. 2024-11-21

A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 9.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.

🤖 AI Analysis
How it works

The vulnerability consists of a buffer overflow (stack buffer overflow) in the Symantec Messaging Gateway component. An attacker can send specially crafted network data without needing any credentials or user interaction. This enables memory overwriting and hijacking of program execution flow control, leading to arbitrary code execution.

Impact

An attacker can gain the ability to execute arbitrary code remotely (RCE) with root privileges, which means complete takeover of the system, including access to processed email messages and the ability to perform further lateral movement in the network.

Mitigation & patch

Patches available from the vendor should be applied according to the references. Due to the critical nature of the vulnerability (CVSS 10.0, RCE as root without authentication), the update should be carried out as a priority. Until the patch is deployed, it is recommended to restrict access to the device at the firewall level to trusted IP addresses only.

Who is affected

Broadcom Symantec Messaging Gateway version 9.5 and earlier

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N
  • Broadcom Symantec Messaging Gateway

    APP
    Broadcom
    ≤ 9.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2024-23615CRITICAL10.0PL ✓ten sam produkt

Buffer overflow w Broadcom Symantec Messaging Gateway umożliwiający RCE jako root

CVE-2014-0160HIGH7.5⚠ KEVten sam produkt

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Exten...

CVE-2020-12594HIGH7.2ten sam produkt

A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privilege...

CVE-2021-30651MEDIUM4.9ten sam produkt

A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory serve...

CVE-2020-12595MEDIUM4.9ten sam produkt

An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password ...