A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.
The vulnerability is a classic buffer overflow error (buffer overflow, CWE-119/CWE-120) located in the libdec2lha.so library. An attacker can send specially crafted data to the vulnerable component over the network, causing a stack buffer overflow. This allows overwriting critical memory areas and redirecting code execution to an attacker-controlled payload, resulting in code execution with root privileges.
A remote, unauthenticated attacker can obtain full code execution (RCE) with root privileges on the vulnerable system, which means complete takeover of the device — including access to processed email messages, configuration data, and the ability to perform further lateral movement in the network.
Patches available from the vendor should be applied in accordance with the references. Additionally, it is recommended to restrict network access to Symantec Messaging Gateway interfaces exclusively to trusted IP addresses and isolate the device with a firewall until updates are deployed.
Broadcom Symantec Messaging Gateway versions 10.5 and earlier
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:HBroadcom Symantec Messaging Gateway
APPBroadcom≤ 10.5
Related vulnerabilities
Buffer overflow w Broadcom Symantec Messaging Gateway umożliwiający RCE jako root
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Exten...
A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privilege...
A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory serve...
An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password ...