{"id":18611,"date":"2025-12-19T04:37:29","date_gmt":"2025-12-19T04:37:29","guid":{"rendered":"https:\/\/sekuritasit.com\/?p=18611"},"modified":"2025-12-19T04:37:29","modified_gmt":"2025-12-19T04:37:29","slug":"cisco-asyncos-zero-day","status":"publish","type":"post","link":"https:\/\/sekuritasit.com\/index.php\/2025\/12\/19\/cisco-asyncos-zero-day\/","title":{"rendered":"Cisco AsyncOS Zero-day"},"content":{"rendered":"\n\n\n\n <\/colgroup>\n\n\n\n\n
\n

\n What is the Attack?\n <\/p>\n<\/td>\n

\n

\n Cisco has confirmed the active exploitation of a critical zero-day vulnerability in AsyncOS, tracked as CVE-2025-20393, affecting Cisco Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances. The vulnerability allows unauthenticated remote attackers to execute arbitrary operating system commands with root-level privileges, leading to full device compromise. At the time of vendor disclosure on December 17, 2025, Cisco reported that no security patch was available, increasing the risk of widespread exploitation in affected environments.\n <\/p>\n<\/td>\n<\/tr>\n

\n

\n What is the recommended Mitigation?\n <\/p>\n<\/td>\n

\n

\n Cisco has urged organizations to immediately restrict internet exposure of AsyncOS management and quarantine interfaces, closely monitor for indicators of compromise, and review logs for signs of unauthorized access or tampering.<\/p>\n

Organizations suspecting compromise are advised to treat affected appliances as fully breached and perform forensic analysis or rebuild systems as necessary. Continued monitoring is critical until official patches or permanent mitigations are released.\n <\/p>\n<\/td>\n<\/tr>\n

\n

\n What FortiGuard Coverage is available?\n <\/p>\n<\/td>\n

\n