Cisco email appliances have a brickable vulnerability

Plus two other vulns patched.

Cisco’s Email Security Appliances (ESAs) can be bricked because of a bug in how they verify incoming emails.

The ESAs use DNS-based Authentication of Named Entities (DANE) to create a secure connection for email transmission, in the AsyncOS software they run.

What Cesare Auteri, Steven Geerts, John-Paul Straver, and Roy Wiss of Rijksoverheid Dienst ICT Uitvoering discovered was that the DANE implementation has insufficient error handling in its DNS name resolution (CVE-2022-20653). 
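The advisory describes the root cause only as insufficient error handling in the DANE code's DNS resolution. As an added illustration of the defensive pattern that avoids this class of failure, the following parser validates DANE TLSA record data (the RFC 6698 wire format: certificate usage, selector, matching type, then the association data) and treats malformed answers as a recoverable condition rather than letting them abort mail processing. This is example code written for this article, not AsyncOS code or anything from the Cisco advisory; the record bytes below are constructed, and the function names are the author's own.

```python
import hashlib
from dataclasses import dataclass
from typing import List, Tuple

# Example only: a strict TLSA RDATA parser that fails on malformed input
# with a caught, specific exception instead of an unhandled crash.


class TlsaParseError(ValueError):
    """Raised for malformed TLSA RDATA. Callers handle it per record."""


@dataclass(frozen=True)
class TlsaRecord:
    usage: int          # 0=PKIX-TA, 1=PKIX-EE, 2=DANE-TA, 3=DANE-EE
    selector: int       # 0=full certificate, 1=SubjectPublicKeyInfo
    matching_type: int  # 0=exact bytes, 1=SHA-256, 2=SHA-512
    data: bytes         # certificate association data


# Digest lengths implied by matching type (RFC 6698 section 2.1.3).
_DIGEST_LEN = {1: 32, 2: 64}


def parse_tlsa(rdata: bytes) -> TlsaRecord:
    """Parse one TLSA RDATA blob; raise TlsaParseError on any defect."""
    if len(rdata) < 4:
        raise TlsaParseError("RDATA needs a 3-byte header plus data")
    usage, selector, mtype = rdata[0], rdata[1], rdata[2]
    data = rdata[3:]
    if usage > 3:
        raise TlsaParseError(f"unknown certificate usage {usage}")
    if selector > 1:
        raise TlsaParseError(f"unknown selector {selector}")
    if mtype > 2:
        raise TlsaParseError(f"unknown matching type {mtype}")
    expected = _DIGEST_LEN.get(mtype)
    if expected is not None and len(data) != expected:
        raise TlsaParseError(
            f"matching type {mtype} needs {expected} bytes, got {len(data)}")
    return TlsaRecord(usage, selector, mtype, data)


def parse_answer_set(answers: List[bytes]) -> Tuple[List[TlsaRecord], int]:
    """Parse every record in a DNS answer set.

    One bad record must not take down the whole lookup: it is counted and
    skipped, and the well-formed records are still returned.
    """
    good: List[TlsaRecord] = []
    bad = 0
    for rdata in answers:
        try:
            good.append(parse_tlsa(rdata))
        except TlsaParseError:
            bad += 1  # log and continue in a real mail gateway
    return good, bad


def record_matches_cert(record: TlsaRecord, cert_der: bytes) -> bool:
    """Check a full-certificate (selector 0) record against DER bytes.

    Selector 1 (SubjectPublicKeyInfo) would need X.509 parsing, which this
    example omits; such records simply do not match here.
    """
    if record.selector != 0:
        return False
    if record.matching_type == 0:
        return record.data == cert_der
    if record.matching_type == 1:
        return record.data == hashlib.sha256(cert_der).digest()
    return record.data == hashlib.sha512(cert_der).digest()


if __name__ == "__main__":
    # Constructed sample: one valid DANE-EE/SHA-256 record, two malformed ones.
    cert = b"constructed-certificate-bytes"
    valid = bytes([3, 0, 1]) + hashlib.sha256(cert).digest()
    short_digest = bytes([3, 0, 1]) + b"\x00" * 31
    bad_usage = bytes([9, 0, 1]) + hashlib.sha256(cert).digest()
    records, rejected = parse_answer_set([valid, short_digest, bad_usage])
    print(f"usable records: {len(records)}, rejected: {rejected}")
    print("certificate matches:", record_matches_cert(records[0], cert))
```

The point of `parse_answer_set` is the one the advisory turns on: a resolver that raises an unhandled exception on the first odd answer stalls every queued message, whereas isolating the failure to the single record keeps the appliance processing mail.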

“A successful exploit could allow the attacker to cause the device to become unreachable from management interfaces or to process additional email messages for a period of time until the device recovers, resulting in a DoS condition,” the Cisco advisory says.

It gets worse: repeated attacks “could cause the device to become completely unavailable, resulting in a persistent DoS condition”. In other words, an attacker could potentially brick the target device.

For a target to be attackable, the advisory explained, it must be running a vulnerable version of AsyncOS and the downstream mail servers have to be configured to send bounce messages.

AsyncOS versions 12.5 and earlier, as well as 13.0, 13.5, and 14.0, are vulnerable. The three newer versions have patches available, but users on pre-12.5 software versions will need to update to a fixed release.

The company had two other patch announcements, for bugs rated medium-severity.

Cisco’s Redundancy Configuration Manager for StarOS can be force-restarted if an attacker sends it malformed TCP data (CVE-2022-20750). Patched software is available.

Finally, a cross-site scripting vulnerability (CVE-2022-20659) allowing attacks against users has been fixed in the web-based management interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network (EPN) Manager.

Copyright © iTnews.com.au . All rights reserved.