CVE-2025-20362

Name of the Vulnerable Software and Affected Versions Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software versions prior to the fix available through patchday September 2025

Description A flaw exists in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software that allows an unauthenticated, remote attacker to access restricted URL endpoints without authentication. This is due to improper validation of user-supplied input in HTTP(S) requests. The vulnerability is actively being exploited, with reports indicating attempted exploitation and, in some cases, successful compromise of systems, potentially by the ArcaneDoor threat actor. The vulnerability has been observed in critical infrastructure in the United States, leading to the compromise of systems, installation of spyware, and data theft. Attackers can send crafted HTTP requests to a targeted web server on a device to gain unauthorized access.

Recommendations Update Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software to the version containing the fix available through patchday September 2025.