Symantec Messaging Gateway Buffer Overflow
CVE-2024-23614

9.8CRITICAL

Key Information:

Vendor: Symantec
Status: Messaging Gateway
Vendor: CVE Published:; 26 January 2024

Summary

A buffer overflow vulnerability has been identified in Symantec Messaging Gateway versions 9.5 and earlier. This weakness allows remote, anonymous attackers to exploit the system and execute arbitrary code with root privileges. The vulnerability poses significant risks to the security and functionality of messaging infrastructures, highlighting the importance of timely software updates and patches to mitigate potential threats.

Affected Version(s)

Messaging Gateway Linux 0 <= 9.5

References

https://blog.exodusintel.com/2024/01/25/symantec-messagin...

third-party-advisory

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jan 26, 2024
Vulnerability Reserved
Jan 18, 2024

Credit

Exodus Intelligence