As of December 25, 2025, Cisco Systems, Inc. (NASDAQ: CSCO) is entering the year-end stretch with two storylines moving in opposite directions: stronger AI-driven networking demand that helped lift its FY2026 outlook, and a high-severity security crisis involving an actively exploited zero-day impacting Cisco email security appliances.
On the business side, Cisco has been positioning itself as a “picks-and-shovels” provider for the AI era—selling the networking, optics, routing, and edge platforms that hyperscalers and enterprises need to move and secure rising volumes of AI traffic. The company’s Q1 FY2026 results (quarter ended Oct. 25, 2025) showed solid growth and accelerating hyperscaler AI infrastructure orders, while management issued guidance that includes the expected impact of tariffs. [1]
On the risk side, security teams are racing to mitigate an unpatched vulnerability tracked as CVE-2025-20393. The issue carries a CVSS 10.0 “Critical” score and is tied to a campaign targeting a subset of devices with specific configurations exposed to the internet. [2]
Below is a detailed, publication-ready breakdown of Cisco’s latest news, forecasts, and analyst-style takeaways relevant to 25.12.2025, with key context on what matters next.
What’s happening with Cisco right now: the headlines that matter
1) Cybersecurity: CVE-2025-20393 zero-day exploited against Cisco email security appliances
Cisco’s security ecosystem is in the spotlight after disclosures that Cisco Secure Email Gateway and Cisco Secure Email and Web Manager can be compromised under a specific set of conditions—particularly when the Spam Quarantine feature is enabled and exposed to the internet. The advisory ecosystem around the incident emphasizes that Spam Quarantine is not enabled by default, but exposed deployments have been actively targeted. [3]
Cisco Talos attributes the activity (with moderate confidence) to a Chinese-nexus threat actor it tracks as UAT-9686, describing use of a custom persistence mechanism called “AquaShell” and additional tooling for reverse tunneling and log clearing. Talos also says Cisco became aware on Dec. 10, 2025, with activity observed since at least late November. [4]
From a governance and urgency perspective, the vulnerability appears in the U.S. government’s exploited-vulnerability workflow: NIST’s NVD page indicates it is in CISA’s Known Exploited Vulnerabilities (KEV) context and lists a Due Date of 12/24/2025 with required action to apply mitigations per vendor guidance or discontinue use if mitigations aren’t available. [5]
2) Financial forecast: Cisco raised FY2026 guidance amid AI infrastructure demand
Cisco’s fiscal 2026 outlook is central to Wall Street’s end-of-year debate about whether CSCO’s AI momentum is cyclical—or durable.
Cisco’s published guidance (from its Q1 FY2026 earnings release) calls for:
- Q2 FY2026 revenue:$15.0B–$15.2B
- Q2 FY2026 non-GAAP EPS:$1.01–$1.03
- FY2026 revenue:$60.2B–$61.0B
- FY2026 non-GAAP EPS:$4.08–$4.14
Cisco notes that margin and EPS guidance includes estimated tariff impacts based on current trade policy. [6]
Reuters’ coverage of the same period underscores the “why”: Cisco cited multi-billion-dollar data center expansion tied to the AI boom, and CEO Chuck Robbins discussed expectations for $3B in AI infrastructure revenue from hyperscalers in FY2026, after securing more than $2B in AI-related orders in FY2025. [7]
3) Product and strategy: Cisco is building for AI networks across data centers, edge, and telecom
Cisco’s recent product narrative is consistent: AI increases traffic, and traffic increases networking spend—especially for high-performance Ethernet fabrics, optics, routing, and secure edge compute.
Key developments from late 2025 include:
- Cisco Unified Edge (edge AI platform): Reuters reported Cisco launched “Cisco Unified Edge” to run AI workloads at local sites (retail, factories, healthcare), using an Intel chip and with Verizon as an early adopter; it’s expected to be generally available by the end of 2025. [8]
- P200 chip + routing system for AI data center interconnect: Reuters reported Cisco introduced its P200 chip (and a related routing device) designed to connect AI data centers over long distances, with Microsoft and Alibaba cloud units as customers, competing with Broadcom. [9]
- Expanded AI networking innovations with NVIDIA: Cisco announced the Cisco N9100 (a partner-developed data center switch based on NVIDIA Spectrum-X Ethernet switch silicon), plus cloud reference architecture work and enterprise “Secure AI Factory” enhancements—positioned for neocloud/sovereign cloud and enterprise deployments. [10]
- Quantum-cloud software tooling: Reuters also reported Cisco launched software intended to help connect quantum computers from different makers into a single cloud by analyzing a problem and splitting it across multiple machines, as part of its broader quantum networking approach. [11]
4) M&A and capability-building: Cisco’s 2025 acquisitions lean into AI and Splunk-adjacent value
Cisco’s acquisitions list highlights several notable 2025 moves, including:
- NeuralFabric (Nov. 13, 2025): generative AI platform for domain-specific small language models
- EzDubs (Nov. 14, 2025): real-time AI-driven speech-to-speech translation
- Aura Asset Intelligence (Discovered Intelligence) (announced Aug. 25, 2025): ARI solution built as a Splunk app to enhance asset/identity discovery and relationship mapping [12]
Cisco’s Q1 FY2026 earnings release also notes it closed an acquisition tied to Aura Asset Intelligence in the quarter. [13]
Cisco’s FY2026 forecast in context: what the numbers say (and what they don’t)
Cisco’s most important near-term forecast is not just the revenue range—it’s the mix of revenue drivers implied by management commentary and order momentum.
In Q1 FY2026, Cisco reported:
- Revenue:$14.9B (up 8% YoY)
- Non-GAAP EPS:$1.00 (up 10% YoY)
- Product orders: up 13% YoY, with double-digit growth in networking product orders for a fifth consecutive quarter (per the release’s summary points) [14]
Cisco explicitly framed a “multi-year, multi-billion-dollar campus networking refresh cycle” as underway, with ramping adoption of newer platforms like smart switches, secure routers, and Wi‑Fi 7 products. [15]
On the AI side, Cisco disclosed hyperscaler AI infrastructure orders of $1.3B in Q1 FY2026, describing it as a “significant acceleration in growth.” [16]
Reuters adds further color: Robbins said Cisco had a pipeline “in excess of $2B” for high-performance networking across sovereign, neocloud, and enterprise customers, and expects hyperscaler AI infrastructure to translate into $3B of AI infrastructure revenue in FY2026. [17]
What this means for forecasts: Cisco is effectively telling the market it can grow in a mature category (networking) by attaching to new spending pockets—AI clusters, AI interconnect, edge inference, and the security/observability layers that surround them.
AI networking demand: why hyperscalers, optics, and “campus refresh” are all connected
A defining feature of Cisco’s late-2025 narrative is that AI demand isn’t confined to GPU servers in mega data centers. The infrastructure needs sprawl across:
Data center interconnect and routing
Cisco’s P200 chip story fits into a growing need to connect multiple data centers to operate like a single training environment—especially as power constraints push data centers to new geographies. Reuters reported Cisco’s positioning here directly, including competitive context versus Broadcom and early customers such as Microsoft and Alibaba. [18]
Ethernet switching fabrics for AI clusters
Cisco’s NVIDIA-related launch emphasizes Ethernet’s role in modern AI networking. Cisco says the N9100 is the first NVIDIA partner-developed data center switch based on Spectrum‑X Ethernet silicon, paired with Cisco operating system flexibility (NX‑OS or SONiC) and reference architectures for neocloud and sovereign cloud. [19]
Edge AI
Cisco Unified Edge is a clear bet that inference and agentic workflows will increasingly run closer to where data is produced (branches, factories, hospitals). Reuters reported Cisco’s stated rationale: traditional data centers face rising demand, while local processing can improve responsiveness and reduce backhaul load. [20]
This is why Cisco keeps linking AI demand with the enterprise campus refresh: if AI agents and AI-powered workflows increase internal traffic, enterprises need refreshed switching, routing, wireless, and security to keep performance and resilience intact—an argument Cisco makes explicitly in its earnings commentary and summary bullets. [21]
Security risk: what CVE-2025-20393 means for customers and for Cisco
The most urgent Cisco-related development near Dec. 25, 2025 is the security campaign targeting AsyncOS-based appliances.
What we know from government and Cisco-linked reporting
- Severity: CVE-2025-20393 is listed with CVSS 10.0 (Critical) on NVD, with Cisco as the CNA source. [22]
- Exploitation status: NVD indicates the CVE is in CISA’s exploited-vulnerability framework and includes a 12/24/2025 due date and required action language tied to applying mitigations or discontinuing use if mitigations are unavailable. [23]
- Exposure conditions: An Ireland NCSC advisory notes the campaign affects Cisco Secure Email Gateway and Cisco Secure Email and Web Manager when Spam Quarantine is configured and exposed to the internet, and stresses it’s not enabled by default. [24]
- Threat actor and tooling: Cisco Talos describes the attacker as UAT‑9686, including a persistent backdoor “AquaShell” and supporting tools for tunneling and log purging, with activity ongoing since at least late November 2025. [25]
Why this matters beyond a single CVE
Email security gateways often sit in privileged positions inside enterprise environments, and exploitation of perimeter appliances can become a stepping-stone to deeper compromise. Even when mitigations exist, the operational burden—incident response, rebuilds, segmentation changes, logging verification—can be significant.
For Cisco, this is also reputational: Cisco is positioning security as a pillar of its AI-era strategy, and security incidents can create friction for sales cycles, renewals, and customer trust—particularly in regulated industries and government.
Market and analyst-style debate: bullish AI tailwinds vs. valuation, competition, and execution risk
By mid-December, some market commentary framed Cisco as trading near a 52-week high and asked whether there’s room to run in 2026, pointing to AI momentum while also listing familiar risks: competition in networking/AI, uncertainty around tariffs, macro conditions, and valuation concerns. [26]
Cisco’s own guidance language explicitly references tariffs as a modeled input to margins and EPS, reinforcing that the company is planning around policy uncertainty rather than treating it as theoretical. [27]
Meanwhile, Reuters reporting after Cisco’s forecast upgrade highlighted a more constructive posture among some observers, including the view that Cisco can capture meaningful AI infrastructure spending despite the maturity of its traditional networking business. [28]
One credible way to synthesize the push-and-pull for readers:
- The bull case rests on AI-driven infrastructure spend, enterprise refresh cycles, and Cisco’s ability to monetize higher-performance networking and security across environments (cloud, campus, edge). [29]
- The bear case centers on execution risk (delivering share gains in AI networking), pricing pressure, and the reality that high-severity security incidents can create customer hesitation—especially if mitigations are complex or disruptive. [30]
What to watch next (post–Dec. 25, 2025)
Here are the practical signposts investors, customers, and IT leaders will likely track next:
- CVE-2025-20393 mitigation progress and follow-on disclosures
NVD’s KEV-related due date and Talos’ active-campaign framing suggest the story may continue evolving as defenders assess exposure and attackers adapt. [31] - AI infrastructure orders and conversion into revenue
Cisco’s FY2026 guidance and management commentary point to FY2026 as a year where AI-related demand becomes more visible in reported results. [32] - Product cadence in AI switching, optics, routing, and edge
Announcements like P200, Unified Edge, and the NVIDIA-aligned N9100 are only as meaningful as adoption and repeatability across customer segments. [33] - Portfolio integration and capability expansion via acquisitions
Cisco’s 2025 acquisition activity underscores continued investment in AI enablement and Splunk-adjacent value (e.g., asset/risk intelligence), which could shape recurring revenue and platform stickiness over time. [34]
Bottom line on Cisco (CSCO) for Dec. 25, 2025
Cisco is closing out 2025 with credible business momentum—raised guidance, accelerating hyperscaler AI infrastructure orders, and a strategy that spans data center networking, edge AI, and security. [35]
But the CVE-2025-20393 situation is a reminder that security vendors and infrastructure providers can face sudden, high-impact risks that test operational resilience and customer trust—especially when exploitation is active and mitigations require configuration changes or potential rebuilds. [36]
For Google News and Discover readers, that combination—AI-era growth narrative plus real-time cyber risk—is exactly why Cisco remains one of the most closely watched infrastructure names heading into 2026.
References
1. newsroom.cisco.com, 2. nvd.nist.gov, 3. www.ncsc.gov.ie, 4. blog.talosintelligence.com, 5. nvd.nist.gov, 6. newsroom.cisco.com, 7. www.reuters.com, 8. www.reuters.com, 9. www.reuters.com, 10. newsroom.cisco.com, 11. www.reuters.com, 12. www.cisco.com, 13. newsroom.cisco.com, 14. newsroom.cisco.com, 15. newsroom.cisco.com, 16. newsroom.cisco.com, 17. www.reuters.com, 18. www.reuters.com, 19. newsroom.cisco.com, 20. www.reuters.com, 21. newsroom.cisco.com, 22. nvd.nist.gov, 23. nvd.nist.gov, 24. www.ncsc.gov.ie, 25. blog.talosintelligence.com, 26. www.nasdaq.com, 27. newsroom.cisco.com, 28. www.reuters.com, 29. newsroom.cisco.com, 30. blog.talosintelligence.com, 31. nvd.nist.gov, 32. www.reuters.com, 33. www.reuters.com, 34. www.cisco.com, 35. newsroom.cisco.com, 36. nvd.nist.gov
