A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 9.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.
The vulnerability consists of a buffer overflow (stack buffer overflow) in the Symantec Messaging Gateway component. An attacker can send specially crafted network data without needing any credentials or user interaction. This enables memory overwriting and hijacking of program execution flow control, leading to arbitrary code execution.
An attacker can gain the ability to execute arbitrary code remotely (RCE) with root privileges, which means complete takeover of the system, including access to processed email messages and the ability to perform further lateral movement in the network.
Patches available from the vendor should be applied according to the references. Due to the critical nature of the vulnerability (CVSS 10.0, RCE as root without authentication), the update should be carried out as a priority. Until the patch is deployed, it is recommended to restrict access to the device at the firewall level to trusted IP addresses only.
Broadcom Symantec Messaging Gateway version 9.5 and earlier
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:NBroadcom Symantec Messaging Gateway
APPBroadcom≤ 9.5
Related vulnerabilities
Buffer overflow w Broadcom Symantec Messaging Gateway umożliwiający RCE jako root
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Exten...
A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privilege...
A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory serve...
An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password ...