CVE-2025-20393 Cisco Secure Email Gateway and Cisco Secure Email and Web Manager Remote Command Execution Vulnerability

🗓️ 17 Dec 2025 16:47:13Reported by ciscoType

CVE-2025-20393 enables remote command execution in Cisco Secure Email Gateway and Web Manager.

Reporter	Title	Published	Views	Family All 24
GithubExploit	Exploit for CVE-2025-20393	18 Dec 202512:10	–	githubexploit
GithubExploit	Exploit for CVE-2025-20393	18 Dec 202507:25	–	githubexploit
ATTACKERKB	CVE-2025-20393	17 Dec 202516:47	–	attackerkb
Circl	CVE-2025-20393	17 Dec 202517:03	–	circl
CISA KEV Catalog	Cisco Multiple Products Improper Input Validation Vulnerability	17 Dec 202500:00	–	cisa_kev
CISA	CISA Adds Three Known Exploited Vulnerabilities to Catalog	17 Dec 202512:00	–	cisa
Cisco	Reports About Cyberattacks Against Cisco Secure Email Gateway And Cisco Secure Email and Web Manager	17 Dec 202516:00	–	cisco
Tenable Nessus	Cisco Secure Email and Web Manager RCE (cisco-sa-sma-attack-N9bf4)	25 Feb 202600:00	–	nessus
Tenable Nessus	Cisco Secure Email Gateway RCE (cisco-sa-sma-attack-N9bf4)	16 Jan 202600:00	–	nessus
CNNVD	Cisco Secure Email和Cisco Secure Email and Web Manager 安全漏洞	17 Dec 202500:00	–	cnnvd

[
  {
    "vendor": "Cisco",
    "product": "Cisco Secure Email",
    "versions": [
      {
        "version": "14.0.0-698",
        "status": "affected"
      },
      {
        "version": "13.5.1-277",
        "status": "affected"
      },
      {
        "version": "13.0.0-392",
        "status": "affected"
      },
      {
        "version": "14.2.0-620",
        "status": "affected"
      },
      {
        "version": "13.0.5-007",
        "status": "affected"
      },
      {
        "version": "13.5.4-038",
        "status": "affected"
      },
      {
        "version": "14.2.1-020",
        "status": "affected"
      },
      {
        "version": "14.3.0-032",
        "status": "affected"
      },
      {
        "version": "15.0.0-104",
        "status": "affected"
      },
      {
        "version": "15.0.1-030",
        "status": "affected"
      },
      {
        "version": "15.5.0-048",
        "status": "affected"
      },
      {
        "version": "15.5.1-055",
        "status": "affected"
      },
      {
        "version": "15.5.2-018",
        "status": "affected"
      },
      {
        "version": "16.0.0-050",
        "status": "affected"
      },
      {
        "version": "15.0.3-002",
        "status": "affected"
      },
      {
        "version": "16.0.0-054",
        "status": "affected"
      },
      {
        "version": "15.5.3-022",
        "status": "affected"
      },
      {
        "version": "16.0.1-017",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  },
  {
    "vendor": "Cisco",
    "product": "Cisco Secure Email and Web Manager",
    "versions": [
      {
        "version": "13.6.2-023",
        "status": "affected"
      },
      {
        "version": "13.6.2-078",
        "status": "affected"
      },
      {
        "version": "13.0.0-249",
        "status": "affected"
      },
      {
        "version": "13.0.0-277",
        "status": "affected"
      },
      {
        "version": "13.8.1-052",
        "status": "affected"
      },
      {
        "version": "13.8.1-068",
        "status": "affected"
      },
      {
        "version": "13.8.1-074",
        "status": "affected"
      },
      {
        "version": "14.0.0-404",
        "status": "affected"
      },
      {
        "version": "12.8.1-002",
        "status": "affected"
      },
      {
        "version": "14.1.0-227",
        "status": "affected"
      },
      {
        "version": "13.6.1-201",
        "status": "affected"
      },
      {
        "version": "14.2.0-203",
        "status": "affected"
      },
      {
        "version": "14.2.0-212",
        "status": "affected"
      },
      {
        "version": "12.8.1-021",
        "status": "affected"
      },
      {
        "version": "13.8.1-108",
        "status": "affected"
      },
      {
        "version": "14.2.0-224",
        "status": "affected"
      },
      {
        "version": "14.3.0-120",
        "status": "affected"
      },
      {
        "version": "15.0.0-334",
        "status": "affected"
      },
      {
        "version": "15.5.1-024",
        "status": "affected"
      },
      {
        "version": "15.5.1-029",
        "status": "affected"
      },
      {
        "version": "15.5.2-005",
        "status": "affected"
      },
      {
        "version": "16.0.0-195",
        "status": "affected"
      },
      {
        "version": "15.5.3-017",
        "status": "affected"
      },
      {
        "version": "16.0.1-010",
        "status": "affected"
      },
      {
        "version": "15.0.1-035",
        "status": "affected"
      },
      {
        "version": "16.0.2-088",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4

15 Jan 2026 16:32Current

CVSS 3.110

EPSS0.2906