Cisco AsyncOS Remote Code Execution Vulnerability
RISK: High Risk
TYPE: Security software and application - Security Software & Appliance
A vulnerability was identified in Cisco AsyncOS. A remote attacker could exploit this vulnerability to trigger remote code execution on the targeted system.
Note:
CVE-2025-20393 is being exploited in the wild. Cisco is aware of a new cyberattack campaign targeting a limited subset of appliances with certain ports open to the internet that are running Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. This attack allows the threat actors to execute arbitrary commands with root privileges on the underlying operating system of an affected appliance.
Hence, the risk level is rated as High Risk.
Impact
- Remote Code Execution
System / Technologies affected
- Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager
This attack campaign affects Cisco Secure Email Gateway, both physical and virtual, and Cisco Secure Email and Web Manager appliances, both physical and virtual, when both of the following conditions are met:
- The appliance is configured with the Spam Quarantine feature.
- The Spam Quarantine feature is exposed to and reachable from the internet.
The Spam Quarantine feature is not enabled by default. Deployment guides for these products do not require this port to be directly exposed to the Internet.
Note: All releases of Cisco AsyncOS Software are affected by this attack campaign.
Solutions
Before installation of the software, please visit the vendor website for more details.