CVE-2025-20393 - Geek Feed

Cisco finally fixes AsyncOS zero-day exploited since November

January 17, 2026January 17, 2026 geekfeed0Tagged 0day, Actively Exploited, china, cisco, Cisco AsyncOS, CVE-2025-20393, rce, Remote Command Execution, Secure Email Gateway, UAT-9686, Zero-Day

Cisco has finally patched a maximum-severity Cisco AsyncOS zero-day exploited in attacks against Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances since November 2025. As Cisco explained in December, when it disclosed the vulnerability (CVE-2025-20393), it affects only Cisco SEG and Cisco SEWM appliances with non-standard configurations when the Spam Quarantine […]

2 mins read

Cisco warns of unpatched AsyncOS zero-day exploited in attacks

December 20, 2025December 20, 2025 geekfeed0Tagged 0day, Actively Exploited, AquaShell, china, cisco, Cisco AsyncOS, CVE-2025-20393, rce, Remote Command Execution, Secure Email Gateway, UAT-9686, vulnerability, Zero-Day

Cisco warned customers today of an unpatched, maximum-severity Cisco AsyncOS zero-day actively exploited in attacks targeting Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances. This yet-to-be-patched zero-day (CVE-2025-20393) affects only Cisco SEG and Cisco SEWM appliances with non-standard configurations, when the Spam Quarantine feature is enabled and exposed on the Internet. […]

3 mins read