CVE-2025-20185

Summary

A vulnerability in the implementation of the remote access functionality of Cisco AsyncOS Software for Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance could allow an authenticated, local attacker to elevate privileges to root. The attacker must authenticate with valid administrator credentials.

This vulnerability is due to an architectural flaw in the password generation algorithm for the remote access functionality. An attacker could exploit this vulnerability by generating a temporary password for the service account. A successful exploit could allow the attacker to execute arbitrary commands as root and access the underlying operating system. Note: The Security Impact Rating (SIR) for this vulnerability is Medium due to the unrestricted scope of information that is accessible to an attacker.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco Secure Email14.0.0-698affected
CiscoCisco Secure Email13.5.1-277affected
CiscoCisco Secure Email13.0.0-392affected
CiscoCisco Secure Email14.2.0-620affected
CiscoCisco Secure Email13.0.5-007affected
CiscoCisco Secure Email13.5.4-038affected
CiscoCisco Secure Email14.2.1-020affected
CiscoCisco Secure Email14.3.0-032affected
CiscoCisco Secure Email15.0.0-104affected
CiscoCisco Secure Email15.0.1-030affected
CiscoCisco Secure Email15.5.0-048affected
CiscoCisco Secure Email15.5.1-055affected
CiscoCisco Secure Email15.5.2-018affected
CiscoCisco Secure Email15.0.3-002affected
CiscoCisco Secure Email and Web Manager13.6.2-023affected
CiscoCisco Secure Email and Web Manager13.6.2-078affected
CiscoCisco Secure Email and Web Manager13.0.0-249affected
CiscoCisco Secure Email and Web Manager13.0.0-277affected
CiscoCisco Secure Email and Web Manager13.8.1-052affected
CiscoCisco Secure Email and Web Manager13.8.1-068affected
CiscoCisco Secure Email and Web Manager13.8.1-074affected
CiscoCisco Secure Email and Web Manager14.0.0-404affected
CiscoCisco Secure Email and Web Manager12.8.1-002affected
CiscoCisco Secure Email and Web Manager14.1.0-227affected
CiscoCisco Secure Email and Web Manager13.6.1-201affected
CiscoCisco Secure Email and Web Manager14.2.0-203affected
CiscoCisco Secure Email and Web Manager14.2.0-212affected
CiscoCisco Secure Email and Web Manager12.8.1-021affected
CiscoCisco Secure Email and Web Manager13.8.1-108affected
CiscoCisco Secure Email and Web Manager14.2.0-224affected
CiscoCisco Secure Email and Web Manager14.3.0-120affected
CiscoCisco Secure Email and Web Manager15.0.0-334affected
CiscoCisco Secure Email and Web Manager15.5.1-024affected
CiscoCisco Secure Email and Web Manager15.5.1-029affected
CiscoCisco Secure Email and Web Manager15.5.2-005affected
CiscoCisco Secure Web Appliance11.8.0-453affected
CiscoCisco Secure Web Appliance12.5.3-002affected
CiscoCisco Secure Web Appliance12.0.3-007affected
CiscoCisco Secure Web Appliance12.0.3-005affected
CiscoCisco Secure Web Appliance14.1.0-032affected
CiscoCisco Secure Web Appliance14.1.0-047affected
CiscoCisco Secure Web Appliance14.1.0-041affected
CiscoCisco Secure Web Appliance12.0.4-002affected
CiscoCisco Secure Web Appliance14.0.2-012affected
CiscoCisco Secure Web Appliance11.8.0-414affected
CiscoCisco Secure Web Appliance12.0.1-268affected
CiscoCisco Secure Web Appliance11.8.1-023affected
CiscoCisco Secure Web Appliance11.8.3-021affected
CiscoCisco Secure Web Appliance11.8.3-018affected
CiscoCisco Secure Web Appliance12.5.1-011affected
CiscoCisco Secure Web Appliance11.8.4-004affected
CiscoCisco Secure Web Appliance12.5.2-007affected
CiscoCisco Secure Web Appliance12.5.2-011affected
CiscoCisco Secure Web Appliance14.5.0-498affected
CiscoCisco Secure Web Appliance12.5.4-005affected
CiscoCisco Secure Web Appliance12.5.4-011affected
CiscoCisco Secure Web Appliance12.0.5-011affected
CiscoCisco Secure Web Appliance14.0.3-014affected
CiscoCisco Secure Web Appliance12.5.5-004affected
CiscoCisco Secure Web Appliance12.5.5-005affected
CiscoCisco Secure Web Appliance12.5.5-008affected
CiscoCisco Secure Web Appliance14.0.4-005affected
CiscoCisco Secure Web Appliance14.5.1-008affected
CiscoCisco Secure Web Appliance14.5.1-016affected
CiscoCisco Secure Web Appliance15.0.0-355affected
CiscoCisco Secure Web Appliance15.0.0-322affected
CiscoCisco Secure Web Appliance12.5.6-008affected
CiscoCisco Secure Web Appliance15.1.0-287affected
CiscoCisco Secure Web Appliance14.5.2-011affected
CiscoCisco Secure Web Appliance15.2.0-116affected
CiscoCisco Secure Web Appliance14.0.5-007affected
CiscoCisco Secure Web Appliance15.2.0-164affected
CiscoCisco Secure Web Appliance14.5.1-510affected
CiscoCisco Secure Web Appliance12.0.2-012affected
CiscoCisco Secure Web Appliance12.0.2-004affected
CiscoCisco Secure Web Appliance14.5.1-607affected
CiscoCisco Secure Web Appliance14.5.3-033affected
CiscoCisco Secure Web Appliance15.0.1-004affected
CiscoCisco Secure Web Appliance15.2.1-011affected
CiscoCisco Secure Web Appliance14.5.0-673affected
CiscoCisco Secure Web Appliance14.5.0-537affected
CiscoCisco Secure Web Appliance12.0.1-334affected
CiscoCisco Secure Web Appliance14.0.1-503affected
CiscoCisco Secure Web Appliance14.0.1-053affected
CiscoCisco Secure Web Appliance11.8.0-429affected
CiscoCisco Secure Web Appliance14.0.1-040affected
CiscoCisco Secure Web Appliance14.0.1-014affected
CiscoCisco Secure Web Appliance12.5.1-043affected

Weaknesses

  • CWE-250: Execution with Unnecessary Privileges

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References