Cisco Secure Email gateways can be crashed using this simple bug

By Scott Marlette Last updated Feb 18, 2022

Cisco has discovered a flaw that allowed threat actors to crash its Secure Email platform, researchers have claimed.

The flaw, tracked as CVE-2022-20653, was found by security researchers from Rijksoverheid Dienst ICT Uitvoering (DICTU). It was discovered in DNS-based Authentication of Named Entities (DANE), a component of Cisco AsyncOS Software that Cisco Secure Email uses, perhaps ironically, to check for spam, phishing, malware, and other threats.

The flaw is triggered by insufficient error handling in the DNS name resolution.

Attacking via email

“An attacker could exploit this vulnerability by sending specially formatted email messages that are processed by an affected device,” Cisco explained. “A successful exploit could allow the attacker to cause the device to become unreachable from management interfaces or to process additional email messages for a period of time until the device recovers, resulting in a DoS [Denial-of-Service] condition.”

An attacker can abuse the flaw perpetually, creating a state of persistent denial of service (DoS) on the target endpoint.

Although the issue is severe, and the service should be updated to the newest version immediately, Cisco says it did not find evidence of the flaw being abused in the wild through viruses or malware.

The company says it has addressed the issue, and a patch is already available.

The company also added that the vulnerable DANE email verification feature is not turned on by default, but admins should still double-check their settings. These settings can be found by navigating to Mail Policies > Destination Controls > Add Destination web UI page. There, admins should be able to confirm if DANE Support is turned on or off.

Furthermore, Cisco confirmed that its Web Security Appliance (WSA) and Secure Email and Web Manager are not susceptible to the flaw, and neither are devices without the DANE feature turned on.

You might also want to check out our list of the best firewalls right now

Via: BleepingComputer

For all the latest Technology News Click Here

For the latest news and updates, follow us on Google News.

Read original article here

Denial of responsibility! TechNewsBoy.com is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.