Critical Stack Buffer Overflow in Canon GUARDIANWALL MailSuite Enables Remote Code Execution

A critical stack-based buffer overflow vulnerability, tracked as CVE-2026-32661, has been identified in Canon GUARDIANWALL MailSuite, affecting versions 1.4.00 through 2.4.26. The flaw enables remote code execution, placing organizations running this email security platform at significant risk. A patch remains pending, leaving affected systems exposed until an official fix is released.

The vulnerability specifically concerns the pop3wallpasswd component, where a buffer overflow condition can be triggered remotely. Attackers exploiting this flaw could achieve arbitrary code execution on targeted systems, potentially gaining full control over affected mail infrastructure. Security researchers at OffSeq identified and documented the issue through their threat intelligence platform.

Organizations currently operating Canon GUARDIANWALL MailSuite within the vulnerable version range are urged to immediately restrict network access to exposed services and implement enhanced monitoring of pop3wallpasswd activity. Until Canon releases an official security patch, administrators should evaluate compensating controls such as network segmentation, strict firewall rules, and intrusion detection signatures. Given the severity of remote code execution capabilities, this vulnerability carries critical implications for email security, data integrity, and organizational network defense.