CVE-2025-20393

⚠ KEVEPSS 6.5%

Cisco Multiple Products Improper Input Validation Vulnerability

Added to CISA KEV: 12/17/2025

Description

Cisco Secure Email Gateway, Secure Email, AsyncOS Software, and Web Manager appliances contains an improper input validation vulnerability that allows threat actors to execute arbitrary commands with root privileges on the underlying operating system of an affected appliance.

Affected packages (0)

No package mapping in OSV.