Chinese hackers are behind attacks on AsyncOS Software that allow complete takeover of the appliance, the company says.

CSO Online offers insights into cybersecurity, risk management, and IT leadership, providing articles, reports, and expert analysis to help security professionals navigate the evolving threat landscape and protect their organizations from cyber attacks. By exploring CSO Online's curated content, CISOs, security managers, and IT executives can learn about threat intelligence, security frameworks, and incident response strategies for building resilient cybersecurity programs. Whether you're defending against ransomware, phishing attacks, or insider threats, CSO Online offers resources to strengthen your security posture and safeguard your digital assets.

CSO Online

Cisco patched CVE-2025-20393, a critical zero-day vulnerability in AsyncOS Software affecting Secure Email Gateway and Secure Email and Web Manager products. The flaw, which allows complete appliance takeover with root privileges when Spam Quarantine is exposed to the internet, received a CVSS score of 10. Chinese threat actors exploited the vulnerability since late November, but Cisco only issued a patch seven weeks after initial detection and one month after public disclosure. Organizations running affected products with Spam Quarantine enabled and internet-exposed should upgrade immediately to the specified AsyncOS versions.

Cisco finally patches seven-week-old zero-day flaw in Secure Email Gateway products