Security News > 2022 > February > Cisco bug can let hackers crash Cisco Secure Email gateways
Cisco has addressed a high severity vulnerability that could allow remote attackers to crash Cisco Secure Email appliances using maliciously crafted email messages.
The security flaw was found in DNS-based Authentication of Named Entities, a Cisco AsyncOS Software component used by Cisco Secure Email to check emails for spam, phishing, malware, and other threats.
This bug is due to an insufficient error handling issue in DNS name resolution found and reported to Cisco by Rijksoverheid Dienst ICT Uitvoering security researchers.
"An attacker could exploit this vulnerability by sending specially formatted email messages that are processed by an affected device," Cisco explained.
While the security vulnerability can be exploited remotely by unauthenticated attackers, Cisco says the vulnerable DANE email verification component is not enabled by default.
Cisco has also confirmed that CVE-2022-20653 does not impact Web Security Appliance and Secure Email and Web Manager or devices without the DANE feature enabled.
News URL
Related news
- Cisco bug lets hackers run commands as root on UWRB access points (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses (source)
- Microsoft dangles $10K for hackers to hijack LLM email service (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-02-17 | CVE-2022-20653 | Unspecified vulnerability in Cisco Asyncos A vulnerability in the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |