CVE-2025-20153
First published: Wed Feb 19 2025(Updated: )
A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device. This vulnerability is due to improper handling of email that passes through an affected device. An attacker could exploit this vulnerability by sending a crafted email through the affected device. A successful exploit could allow the attacker to bypass email filters on the affected device.
Credit: psirt@cisco.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco AsyncOS for Secure Email Gateway |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2025-20153?
CVE-2025-20153 has been classified as a high severity vulnerability.
How do I fix CVE-2025-20153?
To remediate CVE-2025-20153, ensure that your Cisco Secure Email Gateway is updated to the latest version as per Cisco's security advisory.
What products are affected by CVE-2025-20153?
CVE-2025-20153 affects Cisco Secure Email Gateway devices running certain versions of Cisco AsyncOS.
Can CVE-2025-20153 be exploited remotely?
Yes, CVE-2025-20153 can be exploited by unauthenticated remote attackers.
What type of attack does CVE-2025-20153 facilitate?
CVE-2025-20153 allows attackers to bypass email filtering rules, potentially allowing malicious emails to pass through.
- collector/nvd-api
- source/NVD
- agent/references
- agent/weakness
- agent/severity
- agent/last-modified-date
- agent/source
- agent/description
- agent/first-publish-date
- agent/type
- agent/author
- agent/event
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- vendor/cisco
- canonical/cisco asyncos for secure email gateway