Skip to main content

Guardianwall Mail Security Cloud Saas Version

1 CVEs product

Monthly

CVE-2026-32661 CRITICAL Act Now

Remote code execution in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud allows unauthenticated network attackers to execute arbitrary code via stack-based buffer overflow when pop3wallpasswd runs with grdnwww user privileges. Canon Marketing Japan has released patches for both on-premises (versions 1.4.00-2.4.26 affected) and SaaS deployments (pre-April 30, 2026 maintenance). CVSS 9.3 indicates critical severity with network vector and no authentication required, though EPSS score of 0.14% (33rd percentile) suggests limited real-world exploitation probability at time of analysis. SSVC assessment marks this as automatable with total technical impact but no confirmed exploitation.

Stack Overflow RCE Buffer Overflow Guardianwall Mailsuite On Premises Version Guardianwall Mail Security Cloud Saas Version
NVD
CVSS 4.0
9.3
EPSS
0.1%
EPSS 0% CVSS 9.3
CRITICAL Act Now

Remote code execution in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud allows unauthenticated network attackers to execute arbitrary code via stack-based buffer overflow when pop3wallpasswd runs with grdnwww user privileges. Canon Marketing Japan has released patches for both on-premises (versions 1.4.00-2.4.26 affected) and SaaS deployments (pre-April 30, 2026 maintenance). CVSS 9.3 indicates critical severity with network vector and no authentication required, though EPSS score of 0.14% (33rd percentile) suggests limited real-world exploitation probability at time of analysis. SSVC assessment marks this as automatable with total technical impact but no confirmed exploitation.

Stack Overflow RCE Buffer Overflow +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy