Cisco bug can let hackers crash Cisco Secure Email gateways
Cisco has addressed a high severity vulnerability that could allow remote attackers to crash Cisco Secure Email appliances using maliciously crafted email messages.
The security flaw was found in DNS-based Authentication of Named Entities (DANE), a Cisco AsyncOS Software component used by Cisco Secure Email to check emails for spam, phishing, malware, and other threats.
The bug stems from insufficient error handling in DNS name resolution. It was found and reported to Cisco by security researchers at Rijksoverheid Dienst ICT Uitvoering.
"An attacker could exploit this vulnerability by sending specially formatted email messages that are processed by an affected device," Cisco explained.
While the security vulnerability can be exploited remotely by unauthenticated attackers, Cisco says the vulnerable DANE email verification component is not enabled by default.
Cisco has also confirmed that CVE-2022-20653 does not impact Web Security Appliance, Secure Email and Web Manager, or devices without the DANE feature enabled.
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-17 | CVE-2022-20653 | Unspecified vulnerability in Cisco AsyncOS. A vulnerability in the DNS-based Authentication of Named Entities (DANE) email verification component of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |