Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Whitepapers
    • AI Models Leaderboard
  • AI toolsNEW
  • Newsletter
  • + More
    • Glossary
    • Conversations
    • Events
    • About
      • Who we are
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
  • AI
  • Tech
  • Cybersecurity
  • Finance
  • DeFi & Blockchain
  • Startups
  • Gaming
Dataconomy
  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Whitepapers
    • AI Models Leaderboard
  • AI toolsNEW
  • Newsletter
  • + More
    • Glossary
    • Conversations
    • Events
    • About
      • Who we are
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
Subscribe
No Result
View All Result
Dataconomy
No Result
View All Result

Cisco tells customers to wipe and rebuild hacked appliances

A critical security flaw in Cisco Secure Email products allows hackers to install persistent backdoors with no patch available

byAytun Çelebi
December 18, 2025
in Cybersecurity, News
Home News Cybersecurity
Share on FacebookShare on TwitterShare on LinkedInShare on WhatsAppShare on e-mail
Google Preferred Source

Cisco announced that hackers linked to China are exploiting a zero-day vulnerability in its AsyncOS software across Cisco Secure Email Gateway, Cisco Secure Email, and Web Manager appliances, enabling full device takeover with no patches available yet.

The company detected the hacking campaign on December 10. This campaign targets physical and virtual appliances running Cisco AsyncOS software. The vulnerability specifically impacts devices where the Spam Quarantine feature remains enabled and the appliances remain accessible from the internet. Cisco emphasized in its security advisory that administrators do not enable Spam Quarantine by default. The advisory further clarified that this feature requires no internet exposure for normal operation.

Michael Taggart, senior cybersecurity researcher at UCLA Health Sciences, provided analysis to TechCrunch. He stated, “the requirement of an internet-facing management interface and certain features being enabled will limit the attack surface for this vulnerability.” Taggart’s observation highlights how configuration choices by administrators influence exposure risks in these systems.

Stay Ahead of the Curve!

Don't miss out on the latest insights, trends, and analysis in the world of data, technology, and startups. Subscribe to our newsletter and get exclusive content delivered straight to your inbox.

Kevin Beaumont, a security researcher who tracks hacking campaigns, also spoke to TechCrunch about the campaign’s implications. He described it as particularly problematic for several reasons. Large organizations deploy the affected products extensively throughout their networks. No patches exist to address the issue at present. The duration of the hackers’ backdoor presence in compromised systems stays unclear. Cisco has disclosed no information on the number of affected customers.

TechCrunch reached out to Cisco spokesperson Meredith Corley with a series of questions. Corley responded that the company “is actively investigating the issue and developing a permanent remediation.” She offered no further details on those inquiries. Cisco’s current guidance directs customers to wipe and rebuild the software on affected appliances. The security advisory explains this approach in detail: “In case of confirmed compromise, rebuilding the appliances is, currently, the only viable option to eradicate the threat actors persistence mechanism from the appliance.” This process removes the hackers’ established persistence entirely.

Cisco Talos, the company’s threat intelligence research team, detailed the operation in a blog post. The post attributes the hackers to China and connects them to other known Chinese government hacking groups. Talos researchers documented how the actors exploit the zero-day vulnerability to install persistent backdoors. Evidence shows the campaign active since at least late November 2025. The blog post outlines the technical methods used for initial access and subsequent persistence on the compromised appliances.


Featured image credit

Tags: Cisco

Related Posts

OpenAI retires Atlas browser to focus on new ChatGPT superapp

OpenAI retires Atlas browser to focus on new ChatGPT superapp

July 14, 2026
Microsoft tests Copilot’s new PC insights feature in Windows 11

Microsoft tests Copilot’s new PC insights feature in Windows 11

July 14, 2026
Xiaomi unveils SkyNomad N90 range-extender SUV

Xiaomi unveils SkyNomad N90 range-extender SUV

July 14, 2026
X algorithm update aims to make replies feel friendlier

X algorithm update aims to make replies feel friendlier

July 14, 2026
Windows 11 Search Box gets less clutter and more control

Windows 11 Search Box gets less clutter and more control

July 14, 2026
Pixel 11 leak shows bold magenta and peach colors

Pixel 11 leak shows bold magenta and peach colors

July 14, 2026

LATEST NEWS

OpenAI retires Atlas browser to focus on new ChatGPT superapp

Microsoft tests Copilot’s new PC insights feature in Windows 11

Xiaomi unveils SkyNomad N90 range-extender SUV

X algorithm update aims to make replies feel friendlier

Windows 11 Search Box gets less clutter and more control

Pixel 11 leak shows bold magenta and peach colors

BEST AI MODELS LEADERBOARD

See the best AI models, ranked by intelligence, benchmark results, speed and token price. Find the most suitable LLMs, Text-to-Image, Image Editing, Text-to-Speech, Text-to-Video and Image-to-Video  artificial intelligence model for your tasks and business.

LATEST TOOLS

Amanda AI

InterviewBot

VernAI

MyLoans

Essay Grader AI

Cover Letter AI

Animate Old Photos

Resume.io

MonAI

AIEngine Plugin

Dataconomy

COPYRIGHT © DATACONOMY MEDIA GMBH, ALL RIGHTS RESERVED.

  • About
  • Imprint
  • Contact
  • Legal & Privacy

Follow Us

  • News
    • Artificial Intelligence
    • Cybersecurity
    • DeFi & Blockchain
    • Finance
    • Gaming
    • Startups
    • Tech
  • Industry
  • Research
  • Resources
    • Articles
    • Guides
    • Case Studies
    • Whitepapers
    • AI Models Leaderboard
  • AI tools
  • Newsletter
  • + More
    • Glossary
    • Conversations
    • Events
    • About
      • Who we are
      • Contact
      • Imprint
      • Legal & Privacy
      • Partner With Us
No Result
View All Result
Subscribe

This website uses cookies to improve your experience. You can choose to accept or reject them. Visit our Privacy Policy.