CRITICAL🇵🇱 Wersja polska

CVE-2024-23616

CVSS 10.0v3.1pub. 2024-01-26upd. 2024-11-21

A buffer overflow vulnerability exists in Symantec Server Management Suite version 7.9 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM.

🤖 AI Analysis
How it works

The vulnerability results from improper memory handling (CWE-119, CWE-120) in the axengine.exe component, leading to buffer overflow. An attacker can send appropriately crafted data over the network without needing to authenticate in the system. Successful exploitation of the vulnerability allows taking control of the process and executing code in its context.

Impact

An attacker gains the ability to execute arbitrary code (RCE) with SYSTEM account privileges, which means complete takeover of the attacked server, including access to all data and the ability to further spread within the network.

Mitigation & patch

Apply patches available from the manufacturer according to the references. Additionally, it is recommended to restrict network access to the axengine.exe component using firewall rules so that it is accessible only from trusted IP addresses until the update is deployed.

Who is affected

Broadcom Symantec Server Management Suite version 7.9 and earlier

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Broadcom Symantec Server Management Suite

    APP
    Broadcom
    ≤ 7.9
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2021-40438CRITICAL9.0⚠ KEVten sam vendor

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...

CVE-2018-1273CRITICAL9.8⚠ KEVten sam vendor

Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain ...

CVE-2025-22248CRITICAL9.4PL ✓ten sam vendor

Bitnami Pgpool: domyślny dostęp bez uwierzytelnienia przez użytkownika 'repmgr'

CVE-2024-3596CRITICAL9.0PL ✓ten sam vendor

Atak przez fałszowanie odpowiedzi w protokole RADIUS (RFC 2865) via kolizja MD5

CVE-2024-23614CRITICAL10.0PL ✓ten sam vendor

Buffer overflow w Broadcom Symantec Messaging Gateway umożliwiający RCE jako root