Overview
An update has been released to address vulnerabilities in the Cellopoint products. Users of the affected versions are advised to update to the latest version.
Affected Products
CVE-2024-6744
- Secure Email Gateway version: ~ 4.5.0 (inclusive)
Resolved Vulnerabilities
Buffer overflow vulnerability due to SMTP listener in Cellopoint’s Secure Email Gateway not properly validating user input (CVE-2024-6744)
Vulnerability Patches
The following product-specific vulnerability patches are available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.
CVE-2024-6744
- Secure Email Gateway version: Build_20240529 or later
References
[1] CVE-2024-6744 Detail
https://nvd.nist.gov/vuln/detail/CVE-2024-6744
[2] Cellopoint Secure Email Gateway – Stack-based Buffer Overflow
https://www.twcert.org.tw/en/cp-139-7937-acbb5-2.html
Article Link: Cellopoint Product Security Update Advisory (CVE-2024-6744) – ASEC