CVE-2025-20207

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Feb 5, 2025

CWE ID 200

Summary

CVE-2025-20207 is a vulnerability affecting Cisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance. An authenticated, remote attacker can exploit this issue by sending a crafted SNMP poll request, allowing them to obtain confidential operating system information. The affected devices do not adequately protect sensitive data during SNMP polling. Successful exploitation requires the attacker to have the configured SNMP credentials.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/3Fa-9l
https://www.cve.org/CVERecord?id=CVE-2025-20207
https://nvd.nist.gov/vuln/detail/CVE-2025-20207

Back to Vulnerability Database

CVE-2025-20207

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations