Cisco has fixed two critical vulnerabilities that may allow attackers to overwrite files on its Secure Email Gateways (CVE-2024-20401) and change the password of any user on its Smart Software Manager On-Prem license servers (CVE-2024-20419). Neither of the flaws are exploited in the wild, but both are remotely exploitable by unauthenticated attackers, so prompt action is advised. CVE-2024-20401 and CVE-2024-20419 Cisco Secure Email Gateways aim to protect businesses against emails laden with malware, malicious links … More

The post Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419) appeared first on Help Net Security.