Nearly a week after the last vulnerability report published by Cisco, the tech company revealed the presence of an email filter flaw in Cisco AsyncOS software for its Email Security Appliance product.
According to the cybersecurity alert, exploiting this vulnerability would allow an unauthenticated remote threat actor to maximize the target CPU consumption percentage, generating a denial of service (DoS) condition.
Apparently, the vulnerability exists due to the improper handling of emails containing large attachments. The vulnerability could be exploited by sending a malicious email through the compromised service. In addition, the firm mentions that manual user intervention may be necessary to recover the ESA.
The main indicator of compromise in the target system is the excessive increase in CPU resources consumption, which quickly leads to system memory exhaustion. Users concerned about the integrity of their system can verify the CPU usage status on the Cisco ESA CLI.
Regarding affected products, the Cisco cybersecurity alert mentions that the vulnerability affects Cisco AsyncOS 12.1.0-085 and 11.1.0-131 for the Cisco Email Security Appliance. The company ensures that other similar implementations are completely safe from the exploitation of this vulnerability.
After receiving the report, the firm began working on the development of the software updates required for this error’s correction. Functional workarounds are not known to date, so affected deployment administrators are strongly asked to install the official updates as soon as possible.
Cisco reminds customers that they are only allowed to install and use support for the software versions considered in their users’ license. The download and installation of these updates is considered as the consent of customers to conform to the terms of their Cisco software license. Additional details about this flaw and the latest Cisco security updates are available on the company’s official platforms.
He is a cyber security and malware researcher. He studied Computer Science and started working as a cyber security analyst in 2006. He is actively working as an cyber security investigator. He also worked for different security companies. His everyday job includes researching about new cyber security incidents. Also he has deep level of knowledge in enterprise security implementation.