Cisco has disclosed that a group of hackers backed by the Chinese government is exploiting a vulnerability in some of its key products, putting its enterprise customers at risk. While the exact number of compromised customers remains undisclosed by Cisco, security researchers have identified potentially hundreds of vulnerable Cisco customers.
Piotr Kijewski, CEO of the Shadowserver Foundation, a nonprofit that monitors hacking activities, stated that the exposure scale appears to be in the hundreds. The foundation’s ongoing monitoring indicates that the attacks are targeted rather than widespread.
Shadowserver has been actively tracking the systems exposed to the disclosed vulnerability, officially known as CVE-2025-20393. This zero-day vulnerability, discovered before Cisco could release patches, has impacted numerous systems, with India, Thailand, and the United States showing dozens of affected systems.
Cybersecurity firm Censys has also reported a limited number of affected Cisco customers, identifying 220 internet-exposed Cisco email gateways as vulnerable targets.
This event underscores the critical importance of prompt patching and proactive cybersecurity measures for enterprises utilizing Cisco products to mitigate the risk of exploitation by threat actors.
Source: TechCrunch
Leave a Reply