US EditionCisco 0-Day RCE Secure Email Gateway Vulnerability Exploited in the Wild
This story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.3 Articles
3 Articles
Cisco fixes AsyncOS vulnerability exploited in zero-day attacks (CVE-2025-20393)
Cisco has finally shipped security updates for its Email Security Gateway and Secure Email and Web Manager devices, which fix CVE-2025-20393, a vulnerability in the devices’ AsyncOS that has been exploited as a zero-day by suspected Chinese attackers since at least late November 2025. The company revealed the flaw’s existence and in-the-wild exploitation on December 17, 2025, and urged customers to check whether their appliances had been breache…
Cisco 0-Day RCE Secure Email Gateway Vulnerability Exploited in the Wild
Cisco has confirmed active exploitation of a critical zero-day remote code execution vulnerability in its Secure Email Gateway and Secure Email and Web Manager appliances. Tracked as CVE-2025-20393, the flaw allows unauthenticated attackers to execute arbitrary root-level commands via crafted HTTP requests to the Spam Quarantine feature. The vulnerability stems from insufficient validation of HTTP […] The post Cisco 0-Day RCE Secure Email Gatewa…
Attackers compromise Cisco Secure Email Gateway and Secure Email and Web Manager over a root vulnerability. Now there are security updates.
Coverage Details
Bias Distribution
- There is no tracked Bias information for the sources covering this story.
Factuality
To view factuality data please Upgrade to Premium
