Network World

Cisco finally patches seven-week-old zero-day flaw in Secure Email Gateway products

Chinese hackers are behind attacks on AsyncOS Software that allow complete takeover of the appliance, company says.
The Hacker News

Cisco Patches Zero-Day RCE Exploited by China-Linked APT in Secure Email Gateways

Cisco released fixes for CVE-2025-20393, a CVSS 10.0 zero-day RCE flaw in AsyncOS exploited by a China-linked APT via email security appliances.

Cisco finally fixes AsyncOS zero-day exploited since November

Cisco finally patched a maximum-severity AsyncOS zero-day exploited in attacks targeting Secure Email Gateway (SEG) appliances since November 2025.

Cisco has finally patched maximum-level security issue targeted by hackers

Cisco bug which was actively abused since late November 2025 has finally been addressed.