CVE-2025-20393

Critical

Description

A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges. This vulnerability is due to insufficient validation of HTTP requests by the Spam Quarantine feature. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.

References

https://www.darkreading.com/endpoint-security/exploited-zero-day-flaw-cisco-uc-affect-millions

https://www.securityweek.com/hackers-targeting-cisco-unified-cm-zero-day/

https://thehackernews.com/2026/01/cisco-fixes-actively-exploited-zero-day.html

https://www.securityweek.com/cisco-patches-vulnerability-exploited-by-chinese-hackers/

https://www.helpnetsecurity.com/2026/01/16/cisco-fixes-asyncos-vulnerability-exploited-in-zero-day-attacks-cve-2025-20393/

https://www.bleepingcomputer.com/news/security/cisco-finally-fixes-asyncos-zero-day-exploited-since-november/

https://thehackernews.com/2026/01/cisco-patches-zero-day-rce-exploited-by.html

https://securityaffairs.com/186985/apt/china-linked-apt-uat-9686-abused-now-patched-maximum-severity-asyncos-bug.html

https://www.theregister.com/2026/01/15/cisco_fixes_cve_2025_20393/

https://www.bleepingcomputer.com/news/security/cisco-warns-of-identity-service-engine-flaw-with-exploit-code/

https://securityaffairs.com/185861/apt/china-linked-apt-uat-9686-is-targeting-cisco-secure-email-gateway-and-secure-email-and-web-manager.html

https://www.securityweek.com/china-linked-hackers-exploiting-zero-day-in-cisco-security-gear/

https://www.databreachtoday.com/chinese-hackers-targeting-cisco-email-gateways-a-30341

https://www.bleepingcomputer.com/news/security/new-password-spraying-attacks-target-cisco-pan-vpn-gateways/

https://thehackernews.com/2025/12/cisco-warns-of-active-attacks.html

https://securityaffairs.com/185830/security/u-s-cisa-adds-cisco-sonicwall-and-asus-flaws-to-its-known-exploited-vulnerabilities-catalog.html

https://cyberscoop.com/cisco-zero-day-attacks-china-apt/

https://www.theregister.com/2025/12/17/attacks_pummeling_cisco_0day/

https://www.helpnetsecurity.com/2025/12/17/cisco-secure-email-cve-2025-20393/

https://www.bleepingcomputer.com/news/security/cisco-warns-of-unpatched-asyncos-zero-day-exploited-in-attacks/

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4?vs_f=Cisco%20Security%20Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Reports%20About%20Cyberattacks%20Against%20Cisco%20Secure%20Email%20Gateway%20And%20Cisco%20Secure%20Email%20and%20Web%20Manager%26vs_k=1

Details

Source: Mitre, NVD

Published: 2025-12-17

Updated: 2026-01-16

Known Exploited Vulnerability (KEV)

Risk Information

CVSS v2

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Severity: Critical

CVSS v3

Base Score: 10

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.04033

Vulnerability Watch

Tenable Research has classified this CVE under the following Vulnerability Watch classification, which includes active and historical (inactive) classifications. You can learn more about these classifications on our blog.

Vulnerability of Interest