CVE-2024-9043

Stack-based Buffer Overflow (CWE-121)

Published: Sep 20, 2024 / Updated: 2mo ago

CVSS 9.8 (Critical) / EPSS 0.09%

Summary

Secure Email Gateway from Cellopoint has a Buffer Overflow Vulnerability in the authentication process. Remote unauthenticated attackers can send crafted packets to crash the process, thereby bypassing authentication and obtaining system administrator privileges.

Impact

This vulnerability has a severe impact. Attackers can exploit it to bypass authentication and gain system administrator privileges, potentially leading to complete system compromise. The vulnerability affects the confidentiality, integrity, and availability of the system, all rated as HIGH impact. Given the CVSS base score of 9.8 (Critical), this vulnerability poses a significant risk to affected systems.

Exploitation

One proof-of-concept exploit is available on github.com. There is currently no evidence of exploitation.

Patch

A patch is not explicitly mentioned in the provided data. However, the vulnerability affects Cellopoint Secure Email Gateway versions 4.2.1 to 4.5.0 (inclusive). Organizations should check for updates beyond version 4.5.0 or contact Cellopoint for patching information.

Mitigation

1. Prioritize patching this vulnerability immediately due to its critical severity (CVSS 9.8) and the availability of a proof-of-concept exploit.
2. If immediate patching is not possible, consider temporarily disabling or isolating affected Secure Email Gateway systems.
3. Implement strong network segmentation to limit potential attacker access to the vulnerable systems.
4. Monitor for unusual authentication attempts or system administrator activities.
5. Keep systems updated to the latest available version, and check regularly for security advisories from Cellopoint.
6. Implement additional layers of authentication and access controls where possible.
7. Conduct a thorough security audit of systems that may have been compromised if the vulnerability was exploited before patching.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Timeline

CVE Assignment

NVD published the first details for CVE-2024-9043

Sep 20, 2024 at 11:15 AM

First Article

Feedly found the first article mentioning CVE-2024-9043.

Sep 20, 2024 at 11:21 AM / National Vulnerability Database

CVSS Estimate

Feedly estimated the CVSS score as HIGH

Sep 20, 2024 at 11:21 AM

EPSS

EPSS Score was set to: 0.09% (Percentile: 38.4%)

Sep 21, 2024 at 9:28 AM

Threat Intelligence Report

CVE-2024-9043 is a critical vulnerability in Cellopoint's Secure Email Gateway, with a CVSS score of 9.1, that allows remote attackers to exploit a buffer overflow in authentication, potentially crashing the process and gaining admin privileges. The vulnerability has been designated as a Known Exploited Vulnerability (KEV) since September 19, 2024, indicating active exploitation in the wild. No information is provided regarding proof-of-concept exploits, mitigations, detections, patches, or downstream impacts on other third-party vendors or technology.

Sep 27, 2024 at 5:36 AM

Affected Systems

Cellopoint/secure_email_gateway

Exploits

https://github.com/maybeheisenberg/CVE-2024-9043

References

@RISK: The Consensus Security Vulnerability Alert: Vol. 24, Num. 38 - SANS Institute
Product: Apache HugeGraph-Server CVSS Score: 0 ** KEV since 2024-09-18 ** NVD: ISC Podcast: CVE-2024-7120 - Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90 are vulnerable to critical os command injection via manipulation of the argument template in the Web Interface component's list_base_config.php file, allowing for remote attacks with publicly disclosed exploit potential (VDB-272451). Product: Ivanti Endpoint Manager Cloud Services Appliance CVSS Score: 9.1 ** KEV since 2024-09-19 ** NVD: ISC Podcast: NVD References: CVE-2024-9043 - Cellopoint's Secure Email Gateway is vulnerable to buffer overflow in authentication allowing remote attackers to crash the process and gain admin privileges.

News

Vulnerability Summary for the Week of September 16, 2024
High Vulnerabilities Primary Vendor — Product Description Published CVSS Score Source & Patch Info CIRCUTOR–CIRCUTOR Q-SMT CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS) attack if an attacker with access to the web service bypasses the authentication mechanisms on the login page, allowing the attacker to use all the functionalities implemented at web level that allow interacting with the device. 2024-09-18 10 CVE-2024-8887 cve-coordination@incibe.es CIRCUTOR–CIRCUTOR Q-SMT An attacker with access to the network where CIRCUTOR Q-SMT is located in its firmware version 1.0.4, could steal the tokens used on the web, since these have no expiration date to access the web application without restrictions. Token theft can originate from different methods such as network captures, locally stored web information, etc. 2024-09-18 10 CVE-2024-8888 cve-coordination@incibe.es dragonflyoss–Dragonfly2 Dragonfly is an open source P2P-based file distribution and image acceleration system. It is hosted by the Cloud Native Computing Foundation (CNCF) as an Incubating Level Project. Dragonfly uses JWT to verify user. However, the secret key for JWT, “Secret Key”, is hard coded, which leads to authentication bypass. An attacker can perform any action as a user with admin privileges. This issue has been addressed in release version 2.0.9. All users are advised to upgrade.
Update Sun Oct 13 14:25:38 UTC 2024
Update Thu Oct 10 14:37:03 UTC 2024
SANS NewsBites Vol. 26 Num. 74 : NIST Revised Identity Guidelines Address Human Element in Authentication; Linux CUPS Vulnerability; Attackers are Targeting Critical Infrastructure Systems
The US Cybersecurity and Infrastructure Security Agency (CISA) also published an advisory warning that threat actors are targeting operational technology (OT) and industrial control systems (ICS) through “unsophisticated means.” Webcast : SANS 2024 ICS/OT Survey : The State of ICS/OT Cybersecurity | Wednesday, October 9, 10:30 AM ET | SANS Certified Instructor, Jason Christopher, explores the growing trends in cyber threats, vulnerabilities, and risks across industrial environments, including actionable recommendations for how organizations can improve their security posture.
Update Sat Sep 28 14:32:32 UTC 2024

CVSS V3.1

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability Impact: High
