Cisco Patches High-Severity Vulnerabilities in ESA and Secure Email and Web Manager
Cisco on Wednesday announced patches for two high-severity vulnerabilities impacting products such as Cisco Email Security Appliance (ESA) and Cisco Secure Email and Web Manager.
Tracked as CVE-2023-20009 (CVSS score of 6.5), the first vulnerability affects Cisco ESA and Secure Email and Web Manager and could allow a remote authenticated attacker to gain elevated privileges on the system. The flaw is caused by improper validation of an uploaded Simple Network Management Protocol (SNMP) configuration file; by uploading a specially crafted configuration file, an authenticated attacker could execute arbitrary commands as root.
Secure Email and Web Manager customers are advised to update to AsyncOS versions 12.8.1-021, 13.8.1-108, 14.2.0-224, 14.2.1-020, or 14.3.0-120. ESA customers should update to AsyncOS 12.5.4-041, 13.0.5-007, 13.5.4-038, 14.2.1-020, or 14.3.0-032.
The tech giant also announced patches for a high-severity issue in Cisco Email Security Appliance that could allow a local authenticated attacker to execute arbitrary commands on the underlying operating system as the CLI process user by submitting specially crafted operating system commands.
Tracked as CVE-2023-20075 (CVSS score of 6.0), the issue exists because of improper input validation in the CLI. For ESA customers, AsyncOS versions 12.5.4-041, 13.0.5-007, 13.5.4-038, 14.2.1-020, and 14.3.0-032 address the bug.
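As an added example (not code from the article or from Cisco), the following Python script encodes the fixed AsyncOS releases listed above for both products and flags inventory entries that are still below them, so an administrator can see which appliances need the upgrade. The hostnames and running versions in the sample inventory are constructed; the rule that a build later than a listed fixed release in the same train also contains the fix is an assumption of this script, not a statement from Cisco.

```python
"""Check AsyncOS versions on ESA / Secure Email and Web Manager against fixed releases."""
import re
from typing import Dict, Iterable, List, Tuple

# Fixed releases exactly as listed in the article for CVE-2023-20009 / CVE-2023-20075.
FIXED_RELEASES: Dict[str, List[str]] = {
    "ESA": ["12.5.4-041", "13.0.5-007", "13.5.4-038", "14.2.1-020", "14.3.0-032"],
    "SEWM": ["12.8.1-021", "13.8.1-108", "14.2.0-224", "14.2.1-020", "14.3.0-120"],
}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)-(\d+)$")


def parse_version(version: str) -> Tuple[int, int, int, int]:
    """Parse 'major.minor.patch-build' (e.g. 14.2.1-020) into a comparable int tuple."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised AsyncOS version string: {version!r}")
    major, minor, patch, build = (int(x) for x in m.groups())
    return (major, minor, patch, build)


def assess(product: str, running: str) -> str:
    """Return 'patched', 'vulnerable' or 'unknown-train' for one appliance.

    Within the same maintenance release (major.minor.patch) the build number
    decides. If no fixed build is listed for that exact maintenance release,
    the appliance is treated as patched only when it is newer than every fixed
    release in its major.minor train (assumption: later releases carry the fix).
    """
    run = parse_version(running)
    fixes = [parse_version(f) for f in FIXED_RELEASES[product]]

    same_patch = [f for f in fixes if f[:3] == run[:3]]
    if same_patch:
        return "patched" if run >= min(same_patch) else "vulnerable"

    same_train = [f for f in fixes if f[:2] == run[:2]]
    if not same_train:
        # No fixed release listed for this train: needs manual review.
        return "unknown-train"
    return "patched" if run > max(same_train) else "vulnerable"


def check_inventory(devices: Iterable[Tuple[str, str, str]]) -> List[Tuple[str, str]]:
    """Map (hostname, product, running_version) entries to (hostname, status)."""
    return [(host, assess(product, version)) for host, product, version in devices]


if __name__ == "__main__":
    # Constructed sample inventory; hostnames and versions are illustrative only.
    inventory = [
        ("esa-dc1", "ESA", "14.2.1-020"),
        ("esa-dc2", "ESA", "14.2.0-100"),
        ("esa-lab", "ESA", "11.0.0-001"),
        ("sma-dc1", "SEWM", "14.2.0-224"),
        ("sma-dc2", "SEWM", "14.2.1-010"),
    ]
    for host, status in check_inventory(inventory):
        print(f"{host:10s} {status}")
```

Appliances reported as `vulnerable` should be moved to the matching fixed release for their train; `unknown-train` entries are on a release line the advisory text does not cover and need to be checked against Cisco's advisory directly.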
Cisco says it is not aware of any of these vulnerabilities being exploited in attacks, but proof-of-concept exploit code is available.