Cisco Zero-Day Actively Exploited in Cisco Secure Email Gateway and Secure Email and Web Manager, China-Nexus Actors Suspected

(TLP:CLEAR) ACTION MAY BE REQUIRED for utilities running Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager. Utilities that outsource technology support may need to consult with their service providers for assistance with remediation actions. For mitigation guidance, access Cisco.

WaterISAC strongly encourages members to follow the guidance outlined in Cisco’s security advisory and review it regularly. While Cisco has mentioned there are no workarounds at this time, they do include recommendations to help customers harden their appliances, as well as a multi-step process to restore appliances to a secure configuration. Cisco will continue to update its guidance while the investigation remains ongoing.