Cellopoint Product Security Update Advisory (CVE-2024-6744)

Overview

 

An update has been released to address vulnerabilities in the Cellopoint products. Users of the affected versions are advised to update to the latest version.

Affected Products

 

CVE-2024-6744

  • Secure Email Gateway version: ~ 4.5.0 (inclusive)

 

 

Resolved Vulnerabilities

 

Buffer overflow vulnerability due to SMTP listener in Cellopoint’s Secure Email Gateway not properly validating user input (CVE-2024-6744)

 

Vulnerability Patches

 

The following product-specific vulnerability patches are available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

 

CVE-2024-6744

  • Secure Email Gateway version: Build_20240529 or later

 

 

References

 

[1] CVE-2024-6744 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-6744

[2] Cellopoint Secure Email Gateway – Stack-based Buffer Overflow

https://www.twcert.org.tw/en/cp-139-7937-acbb5-2.html

Article Link: Cellopoint Product Security Update Advisory (CVE-2024-6744) – ASEC