Hundreds of Cisco customers at risk from Chinese hacking campaign
20 Dec 2025
A group of Chinese government-backed hackers is exploiting a vulnerability in Cisco's products, the tech giant has revealed.
The targeted attack is aimed at enterprise customers using some of its most popular products.
The vulnerability, officially known as CVE-2025-20393, was discovered before Cisco could release patches for it.
Security researchers estimate that hundreds of Cisco customers could be affected by this security flaw.
Scale of exposure remains unclear
Uncertainty
While Cisco has not disclosed how many of its customers have been hacked or are running vulnerable systems, Piotr Kijewski, CEO of the nonprofit Shadowserver Foundation, told TechCrunch that the scale of exposure "seems more in the hundreds rather than thousands or tens of thousands."
However, he added that there is no widespread activity yet as "current attacks are targeted."
Tracking vulnerable systems
Monitoring efforts
The Shadowserver Foundation is keeping tabs on the number of systems exposed and vulnerable to CVE-2025-20393.
According to its data, India, Thailand, and the US each have dozens of affected systems within their borders.
Censys, a cybersecurity firm that monitors hacking activities across the internet, has also found 220 internet-exposed Cisco email gateways.
Vulnerability present in several Cisco products
Affected products
Cisco has confirmed that the vulnerability exists in software used by a number of its products, including the Secure Email Gateway and Secure Email and Web Manager.
The company clarified that these systems are only vulnerable if they are reachable from the internet and have its "spam quarantine" feature enabled, a combination of conditions that is not enabled by default.
No patches available for the vulnerability
Remediation challenges
The major concern with this hacking campaign is that there are no patches available yet.
Cisco has advised customers to wipe and "restore an affected appliance to a secure state" as a way to remediate any breach.
"In case of confirmed compromise, rebuilding the appliances is, currently, the only viable option to eradicate the threat actors' persistence mechanism from the appliance," Cisco wrote in its advisory.