A serious security vulnerability, identified as CVE-2018-15453, in Cisco AsyncOS. More precisely, the vulnerability is located in the Secure/Multipurpose Internet Mail Extensions (S/MIME) Decryption and Verification or S/MIME Public Key Harvesting features of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), as per the official advisory.
CVE-2018-15453 Technical Overview
The CVE-2018-15453 flaw could allow an unauthenticated, remote attack to cause a vulnerable device to corrupt system memory. Furthermore, a successful exploit could cause the filtering process to reload unexpectedly, which could lead to denial-of-service condition on the target device, Cisco explained.
Fortunately, fixes for the critical vulnerability are already available.
What is S/MIME? It is a protocol that enables users to digitally sign and encrypt email messages from an email client. The issue with the vulnerability is that threat actors could trigger a permanent DoS condition of a Cisco email security appliance by simply sending a malicious S/MIME-signed email using a target device. In other words, CVE-2018-15453 is triggered by improper validation of S/MIME-signed emails.
If Decryption and Verification or Public Key Harvesting is configured, the filtering process could crash due to memory corruption and restart, resulting in a DoS condition. The software could then resume processing the same S/MIME-signed email, causing the filtering process to crash and restart again. A successful exploit could allow the attacker to cause a permanent DoS condition. This vulnerability may require manual intervention to recover the ESA.
Who is vulnerable? CVE-2018-15453 affects all software versions prior to the first fixed release of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA), both virtual and hardware appliances, if the software is configured for S/MIME Decryption and Verification or S/MIME Public Key Harvesting, the advisory says.
Software updates that fix the vulnerability are already available. Keep in mind that there are no workarounds.