Zertificon Z1 SecureMail Gateway Sensitive Information Disclosure Vulnerability
Vulnerability
A sensitive information disclosure vulnerability has been identified in Zertificon Z1 SecureMail Gateway version 4.44.2-7240-debian12. The issue allows remote attackers to intercept unencrypted messages, bypassing the application's encryption. It arises from a race condition in the email composition process: when messages are sent concurrently, the timing of message delivery can cause some of them to leave the gateway without being encrypted, exposing sensitive information.
Impact
Exploitation of this vulnerability can lead to the interception of unencrypted emails, allowing attackers to access sensitive information that should have been encrypted.
Reproduction
To reproduce this vulnerability, send a high volume of emails in rapid succession to a recipient using the SecureMail web application. This can be done using Burp Suite's Intruder feature. Alternatively, send emails from two different accounts to the same recipient while one account is already sending messages. In both scenarios, the race condition may cause some messages to arrive unencrypted, exposing sensitive information.
Remediation
Users are advised to update to Zertificon Z1 SecureMail Gateway version 4.45.3 or later.
