Security News > 2022 > February > Attackers Can Crash Cisco Email Security Appliances by Sending Malicious Emails

Cisco has released security updates to contain three vulnerabilities affecting its products, including one high-severity flaw in its Email Security Appliance that could result in a denial-of-service condition on an affected device.

The weakness, assigned the identifier CVE-2022-20653, stems from a case of insufficient error handling in DNS name resolution that could be abused by an unauthenticated, remote attacker to send a specially crafted email message and cause a DoS. "A successful exploit could allow the attacker to cause the device to become unreachable from management interfaces or to process additional email messages for a period of time until the device recovers, resulting in a DoS condition," the company said in an advisory.

"Continued attacks could cause the device to become completely unavailable, resulting in a persistent DoS condition."

The flaw impacts Cisco ESA devices running Cisco AsyncOS Software running versions 14.0, 13.5, 13.0, 12.5 and earlier and have the "DANE feature enabled and with the downstream mail servers configured to send bounce messages." DANE is short for DNS-based Authentication of Named Entities, which is used for outbound mail validation.

Cisco credited researchers from ICT service provider Rijksoverheid Dienst ICT Uitvoering for reporting the vulnerability, while pointing out that it's not found any evidence of malicious exploitation.

The fixes also come weeks after Cisco published patches for multiple critical security vulnerabilities impacting its RV Series routers , some of which earned the highest possible CVSS severity score ratings of 10, that could be weaponized to elevate privileges and execute arbitrary code on affected systems.

News URL

https://thehackernews.com/2022/02/attackers-can-crash-cisco-email.html