Medium severity6.1NVD Advisory· Published Apr 28, 2025· Updated Jun 17, 2026
CVE-2024-10635
CVE-2024-10635
Description
Enterprise Protection contains an improper input validation vulnerability in attachment defense that allows an unauthenticated remote attacker to bypass attachment scanning security policy by sending a malicious S/MIME attachment with an opaque signature. When opened by a recipient in a downstream email client, the malicious attachment could cause partial loss of integrity and confidentiality to their system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 8.18.6
Patches
Vulnerability mechanics
References
1- www.proofpoint.com/us/security/security-advisories/pfpt-sa-2025-0002nvdVendor Advisory
News mentions
0No linked articles in our index yet.