2025-042: Critical Vulnerability in Cisco Secure Email and Web Manager
On December 17, 2025, Cisco released a security advisory for a critical vulnerability affecting Cisco Secure Email Gateway and Cisco Secure Email and Web Manager products. It is recommended to follow Cisco's recommendations to check whether vulnerable appliances have been compromised, and to remediate the issue. There is no patch available for this vulnerability yet.
CSIRTS triage
- What
- A critical vulnerability could allow remote code execution on affected products.
- Who is affected
- Customers using Cisco Secure Email Gateway and Secure Email and Web Manager are affected.
- Urgency
- Remediation is critical as the vulnerability is actively exploited and no patch is available yet.
- Action
- Check for compromised appliances and follow Cisco's recommendations.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch Secure Email Gateway and Secure Email and Web Manager
Get an email when a new Secure Email Gateway and Secure Email and Web Manager advisory drops — max one per day, one-click unsubscribe.
Details
Original advisory: https://cert.europa.eu/publications/security-advisories/2025-042/
Exploitation outlook
EPSS (FIRST.org) estimates each CVE’s probability of exploitation in the next 30 days — here is the CSIRTS.com read on those numbers.
- Elevated exploitation riskCVE-2025-2039329.1% 30-day exploitation probability — well above the norm. Schedule remediation this cycle. Riskier than 98% of all scored CVEs.
Referenced CVEs
| CVE | CSIRTS overview | External |
|---|---|---|
| CVE-2025-20393 | coverage & exploitation status | NVD · CVE.org |
Same CVEs, other sources
How other CERTs, PSIRTs and databases cover the vulnerabilities in this advisory.
- criticalexploitedCVE-2025-20393: Cisco Multiple Products Improper Input Validation Vulnerabilitycisa-kev
More from CERT-EU Security Advisories
- critical2026-008: Critical vulnerabilities in Ivanti Sentry2026-06-10
- critical2026-007: Critical Vulnerability in Windows Netlogon2026-06-10
- critical2026-006: Critical Vulnerability in PAN-OS2026-05-06
- high2026-005: High Vulnerability in the Linux Kernel ("Copy Fail")2026-04-30
- critical2026-004: Critical Vulnerability in SharePoint Exploited2026-03-25