Cisco says Chinese hackers are exploiting its customers with a new zero-day

• A zero‑day in Cisco AsyncOS lets attackers gain root access on Secure Email appliances with Spam Quarantine exposed online
• All AsyncOS releases are vulnerable, and with no patch available Cisco urges full wipes and rebuilds to remove persistence
• Researchers suspect a Chinese state‑sponsored actor, with many large organizations potentially at risk

Cisco is warning that some of its products have a zero-day vulnerability that is now being actively exploited in attacks. There is currently no patch available, and users are advised to take certain steps to harden their defenses instead.

In a security advisory, Cisco said it became aware of a new cyberattack campaign on December 10. This attack targets appliances running Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager.

The bug affects both physical and virtual instances of these appliances, but only when they are configured with the Spam Quarantine ...