Cisco says Chinese hackers are exploiting its customers with a new zero-day
TechCrunch· 2025-12-17 18:58
Core Viewpoint
- Cisco has announced that hackers are exploiting a critical vulnerability in its popular products, allowing full device takeover, with no patches currently available [1]

Group 1: Vulnerability Details
- Cisco discovered a hacking campaign targeting Cisco AsyncOS software, specifically affecting Cisco Secure Email Gateway, Cisco Secure Email, and Web Manager [2]
- The affected devices have the "Spam Quarantine" feature enabled and are accessible from the internet, although this feature is not enabled by default [3]

Group 2: Security Implications
- The requirement for an internet-facing management interface and specific features being enabled may limit the attack surface for this vulnerability, according to cybersecurity experts [3]
- The hacking campaign is particularly concerning as many large organizations use the affected products, and the lack of available patches raises significant risks [3]

Group 3: Customer Impact and Response
- Cisco has not disclosed how many customers are affected and is currently investigating the issue while developing a permanent solution [4]
- The recommended immediate action for customers is to wipe and rebuild the affected products' software, as this is the only viable option to eliminate the threat [5]

Group 4: Attribution and Timeline
- The hackers are linked to China and known Chinese government hacking groups, with the campaign reportedly ongoing since at least late November 2025 [6]