China-linked hackers have exploited a Cisco flaw since Nov. 2025, gaining root access; no patch is available yet, CISA warns.
Chinese-government-linked hackers have exploited a critical zero-day vulnerability (CVE-2025-20393) in Cisco Secure Email Gateway and Web Manager systems since late November 2025, gaining root access and deploying persistent backdoors.
The attacks, attributed to APT group UAT-9686, target internet-exposed devices with Spam Quarantine enabled.
Cisco has confirmed that the activity is ongoing; no patch is available, and mitigation requires system rebuilds.
The US CISA has added the flaw to its Known Exploited Vulnerabilities catalog.