Security News > 2024 > July > Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419)
Cisco has fixed two critical vulnerabilities that may allow attackers to overwrite files on its Secure Email Gateways and change the password of any user on its Smart Software Manager On-Prem license servers.
Cisco Secure Email Gateways aim to protect businesses against emails laden with malware, malicious links and scams, and against exfiltration of sensitive data via email.
"A successful exploit could allow the attacker to replace any file on the underlying file system. The attacker could then perform any of the following actions: add users with root privileges, modify the device configuration, execute arbitrary code, or cause a permanent denial of service condition on the affected device," Cisco explained in the advisory.
"The updated version of Content Scanner Tools is included by default in Cisco AsyncOS for Cisco Secure Email Software releases 15.5.1-055 and later," Cisco added.
The vulnerability affects Cisco SSM On-Prem and its earlier incarnation: Cisco Smart Software Manager Satellite.
Admins are advised to upgrade to either Cisco SSM On-Prem v8-202212 or v9.
News URL
https://www.helpnetsecurity.com/2024/07/18/cve-2024-20401-cve-2024-20419/
Related news
- Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080) (source)
- PoC exploit for critical Fortra FileCatalyst flaw published (CVE-2024-5276) (source)
- Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929) (source)
- Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager (source)
- Critical Cisco bug lets hackers add root users on SEG devices (source)
- Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991) (source)
- Docker fixes critical auth bypass flaw, again (CVE-2024-41110) (source)
- Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327) (source)