Information from Canon Marketing Japan Inc.
Vulnerability ID:JVN#35567473
Title:GUARDIANWALL MailSuite vulnerable to stack-based buffer overflow
Status:Vulnerable
This is a statement from the vendor itself with no modification by JPCERT/CC.
A certain version of GUARDIANWALL MailSuite contains a buffer overflow vulnerability.
An attacker may execute arbitrary code by sending a specially crafted request to the web service of an affected product.
See the information below for affected versions, mitigation, and additional notes.
Affected product and versions
・GUARDIANWALL MailSuite Ver. 1.4.00 through Ver. 2.4.26.
Versions earlier than Ver. 1.4.00, as well as legacy GUARDIANWALL (Ver. 7.x/8.x), are not affected.
GUARDIANWALL Mail Security Cloud (SaaS version) was remediated during maintenance performed on April 30, 2026.
Solution
Apply the remediation patch.
A remediation patch addressing this vulnerability has been provided to contracted users.
Follow the accompanying instructions to apply the remediation patch.
Mitigation
If the Management interface of the affected product is not exposed to external networks, this vulnerability cannot be exploited remotely.
Restricting access to this management interface (e.g., by IP address) can help mitigate the risk.
How to confirm whether your environment is affected
For instructions on how to confirm whether your environment is affected, please contact the product support desk.
