CVE-2018-15453 Vulnerability Affects Cisco AsyncOS

A serious security vulnerability, identified as CVE-2018-15453, has been found in Cisco AsyncOS. More precisely, the vulnerability is located in the Secure/Multipurpose Internet Mail Extensions (S/MIME) Decryption and Verification or S/MIME Public Key Harvesting features of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), as per the official advisory.

CVE-2018-15453 Technical Overview

The CVE-2018-15453 flaw could allow an unauthenticated, remote attacker to cause a vulnerable device to corrupt system memory. Furthermore, a successful exploit could cause the filtering process to reload unexpectedly, which could lead to a denial-of-service (DoS) condition on the target device, Cisco explained.

Fortunately, fixes for the critical vulnerability are already available.

Related:
Two severe security bugs (CVE-2018-0448, CVE-2018-15386) affecting Cisco's Digital Network Architecture (DNA) Center software have just been patched.
CVE-2018-0448, CVE-2018-15386 in Cisco’s DNA Network Software, Patch Now

What is S/MIME? It is a protocol that enables users to digitally sign and encrypt email messages from an email client. The issue with the vulnerability is that threat actors could trigger a permanent DoS condition on a Cisco email security appliance simply by sending a malicious S/MIME-signed email through a target device. In other words, CVE-2018-15453 is triggered by improper validation of S/MIME-signed emails.

In addition:

If Decryption and Verification or Public Key Harvesting is configured, the filtering process could crash due to memory corruption and restart, resulting in a DoS condition. The software could then resume processing the same S/MIME-signed email, causing the filtering process to crash and restart again. A successful exploit could allow the attacker to cause a permanent DoS condition. This vulnerability may require manual intervention to recover the ESA.
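The crash-and-retry behaviour the advisory describes is a classic poison-message problem: the process dies on one message, restarts, and picks up the same message again. The following Python simulation is an added illustration, not Cisco's code and not taken from the advisory; the messages, queue ids, the `FilterCrash` exception and the structural check in `verify_smime` are constructed stand-ins (no cryptographic verification is done, and the real fault was memory corruption in the appliance's S/MIME handling, not a missing MIME part). It contrasts a naive retry loop, which never drains the queue, with a guard that quarantines a message after it has taken the process down a bounded number of times.

```python
"""Constructed simulation of the crash-restart loop behind CVE-2018-15453 and a
poison-message guard that bounds it. Not Cisco's code; all inputs are made up."""
from collections import Counter
from email import message_from_string

# Constructed sample; the "signature" body is a placeholder, not a real PKCS#7 blob.
GOOD_SMIME = """\
Message-ID: <good-1@example.com>
Subject: signed report
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="b1"

--b1
Content-Type: text/plain

Quarterly numbers attached.
--b1
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64

UExBQ0VIT0xERVI=
--b1--
"""

# Same envelope but the signature part is missing. In this toy the verifier treats that as
# the malformed input that, in the real appliance, corrupted memory and killed the filter.
BAD_SMIME = """\
Message-ID: <bad-1@example.com>
Subject: malformed
MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="b2"

--b2
Content-Type: text/plain

no signature follows
--b2--
"""


class FilterCrash(Exception):
    """Stand-in for the filter process dying while handling one message."""


def verify_smime(raw):
    """Toy structural check of an S/MIME-signed message (no cryptographic verification)."""
    msg = message_from_string(raw)
    if msg.get_content_type() != "multipart/signed":
        return False  # not S/MIME-signed: nothing to verify
    parts = msg.get_payload()
    if len(parts) != 2 or parts[1].get_content_type() != "application/pkcs7-signature":
        raise FilterCrash("malformed S/MIME structure")  # the process "dies" here
    return True


def naive_loop(queue, max_restarts):
    """Crash-and-retry: after each restart the same head-of-queue message is reprocessed.
    queue is a list of (queue_id, raw_message); max_restarts only bounds the simulation."""
    queue = list(queue)
    delivered, restarts = [], 0
    while queue:
        qid, raw = queue[0]
        try:
            verify_smime(raw)
        except FilterCrash:
            restarts += 1  # process restarts; the message is still at the head of the queue
            if restarts >= max_restarts:
                return delivered, restarts, "stuck"  # everything behind it is never delivered
            continue
        delivered.append(qid)
        queue.pop(0)
    return delivered, restarts, "drained"


def guarded_loop(queue, max_crashes=3):
    """Poison-message guard: count crashes per queue id (the queue's own id, not an
    attacker-controlled header like Message-ID) and quarantine a message once it has
    taken the process down max_crashes times, so the rest of the queue keeps flowing."""
    queue = list(queue)
    crashes = Counter()
    delivered, quarantined = [], []
    while queue:
        qid, raw = queue[0]
        try:
            verify_smime(raw)
        except FilterCrash:
            crashes[qid] += 1
            if crashes[qid] >= max_crashes:
                quarantined.append(qid)  # set aside for manual review
                queue.pop(0)
            continue
        delivered.append(qid)
        queue.pop(0)
    return delivered, quarantined, dict(crashes)


if __name__ == "__main__":
    q = [("q1", BAD_SMIME), ("q2", GOOD_SMIME)]
    print(naive_loop(q, max_restarts=5))  # queue never drains
    print(guarded_loop(q))  # bad message quarantined, good one delivered
```

The crash counter has to persist across process restarts (on disk or in the queue metadata) to be useful in a real mail pipeline; an in-memory counter like the one above is lost with the crashing process, which is exactly why the appliance kept reprocessing the same message.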

Who is vulnerable? CVE-2018-15453 affects all software versions prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), both virtual and hardware appliances, if the software is configured for S/MIME Decryption and Verification or S/MIME Public Key Harvesting, the advisory says.

Software updates that fix the vulnerability are already available. Keep in mind that there are no workarounds.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!
