Cisco patches 0-day RCE in Secure Email Gateway
Cisco patches 0-day RCE in Secure Email Gateway Cisco released fixes for CVE-2025-20393 (CVSS 10) in AsyncOS for Secure Email Gateway and Secure Email & Web Manager after confirming a China-linked APT (UAT-9686) had exploited it as a zero-day. The flaw stems from insufficient HTTP request validation in the Spam Quarantine feature and can yield […]