Unrated severityCISA KEVNVD Advisory· Published Dec 17, 2025· Updated Feb 26, 2026

Cisco Secure Email Gateway and Cisco Secure Email and Web Manager Remote Command Execution Vulnerability

CVE-2025-20393

Description

A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow an unauthenticated, remote attacker to execute arbitrary system commands on an affected device with root privileges.

This vulnerability is due to insufficient validation of HTTP requests by the Spam Quarantine feature. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges.

Affected products

Cisco/Cisco Secure Emailv5
Range: 14.0.0-698
Cisco/Cisco Secure Email and Web Managerv5
Range: 13.6.2-023

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4mitre

News mentions

IR Trends Q1 2026: Phishing reemerges as top initial access vector, as attacks targeting public administration persist
Cisco Talos Intelligence · Apr 22, 2026

cvss	0.000
epss	0.005
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000