Cisco says Chinese hackers are exploiting its customers with a new zero-day
2 days ago
- #cybersecurity
- #zero-day
- #Cisco
- Cisco announced hackers are exploiting a critical vulnerability in some of its most popular products, allowing full takeover of affected devices.
- No patches are currently available for the vulnerability.
- The hacking campaign targets Cisco AsyncOS software, specifically affecting Cisco Secure Email Gateway, Cisco Secure Email, and Web Manager appliances.
- Affected devices are those that have the 'Spam Quarantine' feature enabled and are internet-facing; this feature is not enabled by default.
- Security researchers note that the attack surface is limited because exploitation requires an internet-facing management interface and specific features to be enabled.
- The vulnerability is particularly problematic as many large organizations use the affected products, and hackers have had backdoors in systems since at least late November 2025.
- Cisco suggests wiping and rebuilding affected products' software as the only current solution.
- The hackers behind the campaign are linked to China and known Chinese government hacking groups.