CVE-2025-20393: Cisco Multiple Products Improper Input Validation
Cisco Multiple Products Improper Input Validation Vulnerability. Cisco Secure Email Gateway, Secure Email, AsyncOS Software, and Web Manager appliances contains an improper input validation vulnerability that allows threat actors to execute arbitrary commands with root privileges on the underlying operating system of an affected appliance.
- CISA KEV-listed (remediation due 2025-12-24)
- EPSS 6.5% (91.3% percentile)