CRITICAL🇵🇱 Wersja polska

CVE-2024-23615

CVSS 10.0v3.1pub. 2024-01-26upd. 2024-11-21

A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root.

🤖 AI Analysis
How it works

The vulnerability is a classic buffer overflow error (buffer overflow, CWE-119/CWE-120) located in the libdec2lha.so library. An attacker can send specially crafted data to the vulnerable component over the network, causing a stack buffer overflow. This allows overwriting critical memory areas and redirecting code execution to an attacker-controlled payload, resulting in code execution with root privileges.

Impact

A remote, unauthenticated attacker can obtain full code execution (RCE) with root privileges on the vulnerable system, which means complete takeover of the device — including access to processed email messages, configuration data, and the ability to perform further lateral movement in the network.

Mitigation & patch

Patches available from the vendor should be applied in accordance with the references. Additionally, it is recommended to restrict network access to Symantec Messaging Gateway interfaces exclusively to trusted IP addresses and isolate the device with a firewall until updates are deployed.

Who is affected

Broadcom Symantec Messaging Gateway versions 10.5 and earlier

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Broadcom Symantec Messaging Gateway

    APP
    Broadcom
    ≤ 10.5
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2024-23614CRITICAL10.0PL ✓ten sam produkt

Buffer overflow w Broadcom Symantec Messaging Gateway umożliwiający RCE jako root

CVE-2014-0160HIGH7.5⚠ KEVten sam produkt

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Exten...

CVE-2020-12594HIGH7.2ten sam produkt

A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privilege...

CVE-2021-30651MEDIUM4.9ten sam produkt

A malicious authenticated SMG administrator user can obtain passwords for external LDAP/Active Directory serve...

CVE-2020-12595MEDIUM4.9ten sam produkt

An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password ...