Critical Cellopoint Secure Email Gateway Flaw Let Attackers Execute Arbitrary Code

A critical vulnerability has been discovered in the Cellopoint Secure Email Gateway, identified as CVE-2024-6744.

This flaw assigned a CVSS score of 9.8, poses a severe risk to organizations using this email security solution.

CVE-2024-6744: A Critical Vulnerability

According to the Twcert report, the vulnerability resides in the Secure Email Gateway’s SMTP Listener component, specifically in versions before 4.5.0. The flaw stems from improper user input validation, leading to a buffer overflow condition.

This weakness allows an unauthenticated, remote attacker to execute arbitrary system commands on the affected server, potentially compromising the entire email infrastructure.

Are you from SOC/DFIR Teams? - Sign up for a free ANY.RUN account! to Analyse Advanced Malware Files

Technical Details

Cellopoint has responded promptly to this critical issue by releasing a patch, Build_20240529, which addresses the vulnerability.

All organizations using the affected versions of Secure Email Gateway must install this patch immediately to mitigate the risk of exploitation.

The discovery of CVE-2024-6744 highlights the ongoing challenges in securing email gateways, which are critical components of enterprise communication infrastructure.

An attacker’s ability to execute arbitrary code remotely without authentication underscores the importance of regular security updates and vigilant monitoring. Cellopoint has been credited with identifying and addressing this vulnerability.

The public disclosure of this flaw on July 15, 2024, aims to ensure that all affected users are aware and can take necessary action to protect their systems.

"Is Your System Under Attack? Try Cynet XDR: Automated Detection & Response for Endpoints, Networks, & Users!"- Free Demo