PT-2025-39421 · Cisco · Cisco Secure Firewall ASA +1

Published: 2025-09-25 · Updated: 2025-09-29 · CVE-2025-20362

CVSS v3.1: 6.5
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software versions prior to 9.12
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software versions 9.12 through 9.14
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software (affected versions not specified)

Description

A flaw exists in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software. This issue allows an unauthenticated, remote attacker to access restricted URL endpoints that should require authentication. The root cause is improper validation of user-supplied input within HTTP(S) requests. An attacker can exploit this by sending specially crafted HTTP requests to a targeted web server.

Reports indicate active exploitation attempts, and the vulnerability has been linked to compromises of critical infrastructure in the United States, potentially enabling attackers to install spyware and steal sensitive data. The vulnerability affects devices worldwide. The Cisco PSIRT is aware of ongoing exploitation attempts. The vulnerability allows access to restricted URLs without proper authorization.

Recommendations

For Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software versions prior to 9.12, update to a newer version that contains a fix for this vulnerability.
For Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software versions 9.12 through 9.14, apply the security patch available on the Cisco software downloads portal.
For Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software (affected versions not specified), apply the latest security updates available from Cisco.

Fix

Missing Authorization

Weakness Enumeration

Related Identifiers

BDU:2025-11751
CVE-2025-20362

Affected Products

Cisco Secure Firewall ASA
Cisco Secure Firewall Threat Defense