Critical vulnerabilities in Cisco Secure Email Gateway and Cisco Smart Software Manager On-Prem (CVE-2024-20401, CVE-2024-20419)

Advisory No: TZCERT/SA/2024/07/19-2

Date of First Release: 19th July 2024

Source: Cisco

Software Affected: Cisco Secure Email Gateway, Cisco Smart Software Manager On-Prem

Overview:

Two Cisco products are affected by critical vulnerabilities. The vulnerabilities could allow an attacker to execute arbitrary code or cause a permanent denial of service (DoS) condition on the affected device.

Description:

Cisco Secure Email Gateway and Cisco Smart Software Manager On-Prem are affected by two critical vulnerabilities tracked as CVE-2024-20401 and CVE-2024-20419, with base scores of 9.8 and 10 respectively. The vulnerabilities result from improper handling of email attachments when file analysis and content filters are enabled, and from improper implementation of the password-change process. They allow an unauthenticated remote attacker to modify the device configuration, execute arbitrary code, or cause a permanent denial of service (DoS) condition on the affected device.

Impact:

Successful exploitation of these vulnerabilities may allow an unauthenticated, remote attacker to take control of the affected system or cause a denial of service condition.

Solution:

Cisco has released patches for these vulnerabilities. Users and administrators are encouraged to apply the necessary updates.

References:

  1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-afw-bGG2UsjH
  2. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cssm-auth-sLw3uhUy
