CVE-2025-20393

critical

Cisco ⚠️ CISA KEV — Exploited in the Wild

CVSS v3 Base Score

10.0

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

EPSS Score

6.3%

Exploitation probability in 30 days

Top 9% most likely to be exploited

Attack Characteristics

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Confidentiality

High

Integrity

High

Availability

High

Published: December 17, 2025 (147 days ago)

Last Modified: January 16, 2026

Vendor: Cisco

⚠️ CISA Known Exploited Vulnerability

Added to KEV: 2025-12-17

Remediation Due: 2025-12-24 (⚠ 141d overdue)

Description

A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges. This vulnerability is due to insufficient validation of HTTP requests by the Spam Quarantine feature. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.

CWE

CWE-20

Affected Products

cisco asyncos

References

🔗 sec.cloudapps.cisco.com 🔗 www.cisa.gov

CVE-2025-20393

⚠️ CISA Known Exploited Vulnerability

Vulnerability Report

Description

CWE

Affected Products

References