Remote code execution in Cisco Secure Email Gateway



Risk Critical
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2024-20401
CWE-ID CWE-22
Exploitation vector Network
Public exploit N/A
Vulnerable software
Secure Email Gateway
Other software / Other software solutions

Cisco AsyncOS for Secure Email Gateway
Operating systems & Components / Operating system

Vendor Cisco Systems, Inc

Security Bulletin

This security bulletin contains one critical risk vulnerability.

1) Path traversal

EUVDB-ID: #VU94505

Risk: Critical

CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-20401

CWE-ID: CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Exploit availability: No

Description

The vulnerability allows a remote attacker to overwrite arbitrary files on the system.

The vulnerability exists due to input validation error when processing email attachments if file analysis and content filters are enabled. A remote attacker can send a specially crafted email attachment and overwrite arbitrary files on the system with root privileges.

Successful exploitation of the vulnerability may result in complete system compromise.

Mitigation

Install update from vendor's website.

Vulnerable software versions

Secure Email Gateway: before 13.0.5-007

Cisco AsyncOS for Secure Email Gateway: before 13.0.5-007

CPE2.3 External links

http://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-afw-bGG2UsjH
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCwj53998


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###