• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
cisco patches bug that could break its email security service

Cisco patches bug that could break its email security service with a single message

You are here: Home / General Cyber Security News / Cisco patches bug that could break its email security service with a single message
February 17, 2022

Cisco has fixed a bug that could let attackers to lock up its email security appliance with a single malicious email.

The bug, which has the ID CVE-2022-20653, affects Cisco’s Email Security Equipment (ESA), an email security gateway solution that detects and blocks email-borne malware, spam, and phishing attempts.

The dilemma lies in the ASyncOS running program that the ESA uses, according to an advisory issued by the firm this 7 days.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


The dilemma lies in the appliance’s use of DNS-dependent Authentication of Named Entities (DANE) for security. DANE takes advantage of the a lot more safe DNSSEC protocol to provide added verification that a DNS report is respectable. This will make it harder for malicious actors to spoof electronic certificates or use person-in-the-center attacks to misdirect DNS requests.

Having said that, Cisco located that ASyncOS was unable to appropriately manage DNS identify resolution, opening it up to exploit by destructive inputs.

In this circumstance, the malicious input would be an email and, if crafted accurately, could freeze the appliance’s administration interface and quit it processing further more e-mail right up until it had recovered.

Cisco has categorized the vulnerability, which has a CVSS rating of 7.5, as a denial of support (DoS) bug.

“Continued attacks could lead to the product to turn into entirely unavailable, resulting in a persistent DoS problem,” Cisco warned.

The DANE function is not enabled by default, meaning that only people who have activated it will be afflicted. All those shoppers can put in Cisco’s software package updates to take care of the dilemma.

In the meantime, consumers can also configure bounce messages from the ESA alternatively of from downstream dependent email servers to halt attackers exploiting the bug, the company claimed.

The ASyncOS program noticed two other documented vulnerabilities previous 12 months. CVE-2021-1566 was a bug in its Cisco Highly developed Malware safety for Endpoints integration, permitting the interception of distant targeted traffic. The other, CVE-2021-1359, permitted attackers to obtain root privileges.


Some parts of this posting are sourced from:
www.itpro.co.uk

Previous Post: «ukrainian ddos attacks should put us on notice–researchers Ukrainian DDoS Attacks Should Put US on Notice–Researchers
Next Post: Phishing Top Threat to US Healthcare Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Enzo Biochem Hit by Ransomware, 2.5 Million Patients’ Data Compromised
  • US and Korean Agencies Issue Warning on North Korean Cyber-Attacks
  • Malicious PyPI Packages Use Compiled Python Code to Bypass Detection
  • New Botnet Malware ‘Horabot’ Targets Spanish-Speaking Users in Latin America
  • The Importance of Managing Your Data Security Posture
  • Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering
  • Insurers Predict $33bn Bill for Catastrophic “Cyber Event”
  • Chinese Phishing Gang “PostalFurious” Expands Campaign
  • Kaspersky Says it is Being Targeted By Zero-Click Exploits
  • North Korea’s Kimsuky Group Mimics Key Figures in Targeted Cyber Attacks

Copyright © TheCyberSecurity.News, All Rights Reserved.