By Guru Baran
Publication Date: 2025-12-21 03:40:00
Security researchers have identified at least 120 Cisco Secure Email Gateway and Cisco Secure Email and Web Manager devices vulnerable to a critical zero-day flaw that attackers are actively exploiting in the wild.
The vulnerability, tracked as CVE-2025-20393, currently has no available patch, leaving organizations exposed to potential compromise.
According to threat intelligence from Shadowserver Foundation, the vulnerable devices represent a subset of more than 650 fingerprinted exposed Cisco email security appliances accessible over the internet.
The discovery raises significant concerns for organizations relying on these systems to filter malicious emails and protect their networks from phishing attacks and malware distribution.
