Cisco AsyncOS Software Uuencoded Email Filtering Bypass Vulnerability

A vulnerability in the uuencode inspection engine of Cisco AsyncOS for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass engine protection and deliver a malicious file as an email attachment.

The vulnerability is due to improper implementation of the logic for decoding uuencoded content. An attacker could exploit this vulnerability sending a crafted uuencoded email message that contains a malicious attachment.

Cisco has confirmed the vulnerability in a security notice and released software updates.

Successful exploitation could allow the attacker to evade email filtering and deliver malicious content to a targeted user, which could be used to conduct further attacks. Administrators are advised to implement effective mitigations.