Cisco Patches Critical Zero-Day Exploited by Chinese Hackers
Cisco issues patches for critical email security flaw exploited by Chinese hackers, urging immediate updates to prevent attacks.
By Content Team
Cisco released patches Thursday for a maximum severity vulnerability (CVE-2025-20393) in its email security products that Chinese hackers have been exploiting since November. The flaw allows attackers to execute commands with root privileges on affected Secure Email Gateway and Email and Web Manager appliances.
Cisco's Talos team discovered the attacks targeting a small number of devices. The China-linked group UAT-9686 used the zero-day to install backdoors including AquaShell and tunneling tools. The vulnerability stems from poor HTTP request validation in the Spam Quarantine feature.
Patches are available for multiple AsyncOS versions; there are no workarounds. Cisco urges immediate updates through the web interface.
Source: SecurityWeek