THREATOPS
THREAT OPSCVEs › CVE-2025-20393

CVE-2025-20393 — Cisco Multiple Products Improper Input Validation Vulnerability

CISA KEVExploited: confirmedCisco

Cisco Secure Email Gateway, Secure Email, AsyncOS Software, and Web Manager appliances contains an improper input validation vulnerability that allows threat actors to execute arbitrary commands with root privileges on the underlying operating system of an affected appliance.

Vulnerability details