THREAT OPS › CVEs › CVE-2025-20393
CVE-2025-20393 — Cisco Multiple Products Improper Input Validation Vulnerability
Cisco Secure Email Gateway, Secure Email, AsyncOS Software, and Web Manager appliances contains an improper input validation vulnerability that allows threat actors to execute arbitrary commands with root privileges on the underlying operating system of an affected appliance.
Vulnerability details
- Affected productsMultiple Products
- KEV remediation due2025-12-24