Summary
| Parameter | Value |
|---|---|
| CVE ID | CVE-2026-24423 |
| Alert Source | CISA KEV - Active Exploitation |
| CVE Publication Year | 2026 |
| Date Published | 2026-02-05 |
| Vendor | SmarterTools |
| Product | SmarterMail |
| CVSS Score | 9.8 (critical) |
| EPSS Score | 9.2% (percentile: 93%) |
| CISA KEV | Yes - confirmed active exploitation |
| Ransomware | Yes - used in ransomware campaigns |
| Remediation Deadline | 2026-02-26 |
Vulnerability Description
SmarterTools SmarterMail contains a missing-authentication-for-critical-function vulnerability (CWE-306) in the ConnectToHub API method. Because the method can be called without credentials, an unauthenticated attacker who can reach the SmarterMail API can point the instance at a malicious HTTP server that serves an attacker-chosen OS command, which can lead to command execution on the SmarterMail host.
Required Actions
Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
Ransomware Warning
This vulnerability is actively exploited in ransomware campaigns. Immediate action is critical for your organization’s security.
Who Is Affected?
This vulnerability affects SmarterMail by SmarterTools. Inventory every SmarterMail instance in your environment, paying particular attention to any whose API is reachable from the internet, and confirm that each one is running a build the vendor lists as fixed.
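The following is an added triage example for this CVE; it is not code from CISA, SmarterTools or this page. It does two things a practitioner checking "who is affected" wants: scan web access logs for successful calls to the ConnectToHub method from addresses outside trusted administrative networks (on vulnerable builds the method needs no authentication, so such a hit is worth investigating), and compare an installed build number against the fixed build named in the vendor advisory. Assumptions not stated on the page: that the route for the method contains the string "ConnectToHub" (the page names the method, not its URL, so adjust PATH_MARKER if your logs show a different route), that logs are in a Common/Combined Log Format style, and that the fixed build is supplied by the caller rather than hard-coded. The log lines and version strings below are constructed for illustration.

```python
"""Triage helpers for CVE-2026-24423 (SmarterMail ConnectToHub, missing authentication).

Added example, not code from CISA or SmarterTools. Assumptions (not on the page):
  * the API method is served under a URL path containing "ConnectToHub";
  * access logs use a Common/Combined Log Format-style line;
  * the fixed build number is taken from the vendor advisory by the caller.
"""
import ipaddress
import re
from typing import Dict, List, Optional, Tuple

PATH_MARKER = "connecttohub"  # assumption: route name mirrors the API method name

# Constructed sample log lines, not real traffic. The route "/api/ConnectToHub" is
# illustrative; the real route on your instance may differ. Two successful hits come
# from untrusted external addresses, one from the admin subnet, one is unrelated.
SAMPLE_LOG = """\
203.0.113.45 - - [05/Feb/2026:03:14:07 +0000] "POST /api/ConnectToHub HTTP/1.1" 200 512 "-" "python-requests/2.31"
10.0.5.12 - - [05/Feb/2026:09:02:11 +0000] "POST /api/ConnectToHub HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.7 - - [05/Feb/2026:03:14:09 +0000] "POST /api/connecttohub HTTP/1.1" 200 498 "-" "curl/8.4.0"
203.0.113.45 - - [05/Feb/2026:03:14:05 +0000] "GET /interface/root HTTP/1.1" 200 1024 "-" "python-requests/2.31"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)(?: "(?P<ref>[^"]*)" "(?P<ua>[^"]*)")?'
)


def parse_line(line: str) -> Optional[Dict[str, str]]:
    """Parse one access-log line into its fields, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None


def find_hub_requests(log_text: str, trusted_nets: List[str]) -> List[Dict[str, object]]:
    """Return every request that hit the ConnectToHub route, annotated with whether the
    source address lies inside an operator-supplied trusted network and whether the
    server answered 2xx."""
    nets = [ipaddress.ip_network(n) for n in trusted_nets]
    hits: List[Dict[str, object]] = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or PATH_MARKER not in rec["path"].lower():
            continue
        src = ipaddress.ip_address(rec["ip"])
        annotated: Dict[str, object] = dict(rec)
        annotated["trusted"] = any(src in n for n in nets)
        annotated["success"] = rec["status"].startswith("2")
        hits.append(annotated)
    return hits


def untrusted_successful_hits(log_text: str, trusted_nets: List[str]) -> List[Dict[str, object]]:
    """Successful ConnectToHub calls from outside the trusted networks: on a vulnerable
    build these need no credentials, so each one may have repointed the instance at an
    attacker-controlled hub and deserves investigation."""
    return [h for h in find_hub_requests(log_text, trusted_nets)
            if h["success"] and not h["trusted"]]


def build_tuple(version: str, width: int = 4) -> Tuple[int, ...]:
    """'100.0.9404.21337' -> (100, 0, 9404, 21337); shorter strings are zero-padded so
    that '100.0.9404' compares below '100.0.9404.21337' rather than above it."""
    nums = [int(x) for x in re.findall(r"\d+", version)]
    return tuple(nums + [0] * (width - len(nums)))


def is_patched(installed: str, fixed: str) -> bool:
    """True when the installed build is at or above the build the vendor advisory names
    as fixed. The fixed build is deliberately not hard-coded; take it from SmarterTools."""
    return build_tuple(installed) >= build_tuple(fixed)


if __name__ == "__main__":
    for h in untrusted_successful_hits(SAMPLE_LOG, ["10.0.0.0/8"]):
        print(f"{h['ts']} {h['ip']} {h['method']} {h['path']} -> {h['status']} ua={h['ua']}")
    # Illustrative version strings only; substitute the real fixed build from the advisory.
    print("patched:", is_patched("100.0.9404.21337", "100.0.9404.21337"))
```

Run it against the real access log and your own trusted networks; any 2xx result from an untrusted address should be treated as a possible compromise of the instance, not merely as a missed patch, because the command the instance fetched from the attacker's server may already have run.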
