NewsSecurity Vulnerabilities

Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability

CVE number = CVE-2025-20333

On November 5th 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and CVE-2025-20362. This attack can cause unpatched devices to unexpectedly reload, leading to denial of service (DoS) conditions.

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device.

This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as root, possibly resulting in the complete compromise of the affected device.

Cisco has released software updates that address this vulnerability. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate this vulnerability. There are no workarounds that address this vulnerability.

This vulnerability affects Cisco devices if they are running a vulnerable release of Cisco Secure Firewall ASA Software or Cisco Secure FTD Software and have one or more of the vulnerable configurations listed in the below advisory.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.