Cisco Secure Email Gateway Malware Detection Evasion

Posted by deepcore on November 16, 2022 – 1:51 pm

Cisco Secure Email Gateways, formerly known as Cisco Ironport Email Security Appliances, that are configured to detect malicious email attachments, can easily be circumvented. A remote attacker can leverage error tolerance and different MIME decoding capabilities of email clients, compared with the gateway, to evade detection of malicious payloads by anti-virus components on the gateway. This exploit was successfully tested with a zip file containing the Eicar test virus and Cisco Secure Email Gateways with AsyncOS 14.2.0-620, 14.0.0-698, and others. An affected Email Client was Mozilla Thunderbird 91.11.0 (64-bit).

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« Simmeth System GmbH Supplier Manager LFI / SQL Injection / Bypass VMware NSX Manager XStream Unauthenticated Remote Code Execution »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Cisco Secure Email Gateway Malware Detection Evasion

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL