AI description
CVE-2025-20333 is a vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software. It stems from improper validation of user-supplied input in HTTP(S) requests. An authenticated, remote attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests to an affected device. Successful exploitation could allow the attacker to execute arbitrary code as root, potentially leading to complete compromise of the device. Cisco has released software updates to address this vulnerability.
- Description
- A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as root, possibly resulting in the complete compromise of the affected device.
- Source
- psirt@cisco.com
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 9.9
- Impact score
- 6
- Exploitability score
- 3.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
Data from CISA
- Vulnerability name
- Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability
- Exploit added on
- Sep 25, 2025
- Exploit action due
- Sep 26, 2025
- Required action
- The KEV due date refers to the deadline by which FCEB agencies are expected to review and begin implementing the guidance outlined in Emergency Directive (ED) 25-03 (URL listed below in Notes). Agencies must follow the mitigation steps provided by CISA (URL listed below in Notes) and vendor’s instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
- psirt@cisco.com
- CWE-120
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
49
Cisco ASA/Firepower - Be on the lookout for this url 👇 (/+CSCOL+/csvrloader64.cab) - Contains an archive for the Cisco SSL VPN Relay Loader - Likely can be used for version fingerprinting (little info out there about the loader) (CVE-2025-20333 / CVE-2025-20362) https://t
@SimoKohonen
26 Sept 2025
92 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20333, CVE-2025-20362: Frequently Asked Questions About Zero-Day Cisco Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) Vulnerabilities https://t.co/Yq1O1OGo5a https://t.co/VMdWa6DFzY
@Trej0Jass
26 Sept 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cyber chaos unfolds with critical Cisco zero-day exploits, multi-airport cyberattacks, massive data leaks, and emerging hybrid drone threats — all reported just in the last hour. Here’s what you need to know: 🚨 Cisco ASA/Firepower vulnerabilities CVE-2025-20333 &
@np_cyber_news
26 Sept 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
25/09/2025 Urgent: Two zero-day vulnerabilities (CVE-2025-20333) in Cisco ASA are actively exploited! 🚨 Enterprises must patch these flaws immediately to safeguard against potential breaches. Source: https://t.co/afzYS6RQKW
@kernyx64
26 Sept 2025
10 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 WARNING: Cisco VPN gear under active attack! Two zero-days (CVE-2025-20333, CVSS 9.9 & CVE-2025-20362) let hackers gain root access and bypass auth. CISA issued an emergency directive—federal agencies have 24 hrs to patch. #cybernews https://t.co/LJAF3ztaZY
@Free713PK
26 Sept 2025
107 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco ASAおよびFTDにおける複数の脆弱性(CVE-2025-20333、CVE-2025-20362)に関する注意喚起を公開。国内の実被害は未確認ながら、これら脆弱性を悪用した攻撃が海外で確認されており、国内への影響が懸念されます
@jpcert
26 Sept 2025
98 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
統合版 JPCERT/CC | 注意喚起: Cisco ASAおよびFTDにおける複数の脆弱性(CVE-2025-20333、CVE-2025-20362)に関する注意喚起 (公開) https://t.co/STprYfyLst #itsec_jp
@itsec_jp
26 Sept 2025
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Major Security Event: CVE-2025-20333 🚨 Critical Cisco firewall zero-day (CVSS 9.9) is under active exploitation. Bitsight’s MSE team urges immediate patching. Details in our blog ⬇️ 👉 https://t.co/POicHZoiuH #BitsightAdvisory #Cybersecurity #MajorSecurityEvent
@Bitsight
25 Sept 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
ok, so is running ASA on Firepower 4100 series in platfrom mode ASA hardware? Feels like it but not sure.. @CISAgov @CISACyber @TalosSecurity @CiscoSecure CVE-2025-20333 CVE-2025-20362 https://t.co/1pjrkGiHhW
@5y5tem5
25 Sept 2025
146 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Current exposure to recently disclosed zero day vulnerability (CVE-2025-20333) affecting Cisco ASA Panels 55,852 panels exposed to the internet as of 25/09 Shodan query: product:"Cisco ASA SSL VPN" https://t.co/QoY0jasfxc
@rxerium
25 Sept 2025
5098 Impressions
21 Retweets
51 Likes
24 Bookmarks
4 Replies
2 Quotes
Latest Known Exploited Vulnerabilities (#KEV) : #CVE-2025-20333 #Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability https://t.co/5xmImb34tL
@ScyScan
25 Sept 2025
93 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
if everyone would not awfully mind patching CVE-2025-20333 on their CISCO ASAs I would be very appreciative! https://t.co/JKdLlajVmc
@UK_Daniel_Card
25 Sept 2025
23913 Impressions
56 Retweets
450 Likes
67 Bookmarks
33 Replies
3 Quotes
Another day, another CVE… Cisco just published a critical vulnerability (CVSS 9.9) affecting ASA & FTD VPN web servers. + Remote Code Execution possible, no workarounds. + CVE-2025-20333 Advisory: https://t.co/bEQh4Mw1oU
@fr33s0ul_Ninja
25 Sept 2025
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Another Cisco 0-Day Alert 🚨 Two zero-day vulnerabilities actively being exploited in Cisco ASA and FTD (CVE-2025-20333 and CVE-2025-20362) We have added a Cisco ASA decoy into the free decoy templates - go hunt that 0day! 👉https://t.co/GXFaqghsXI https://t.co/f4TC3Se4uR
@DefusedCyber
25 Sept 2025
6594 Impressions
18 Retweets
88 Likes
22 Bookmarks
0 Replies
2 Quotes
🚨 WARNING: Cisco VPN gear under active attack! Two zero-days (CVE-2025-20333, CVSS 9.9 & CVE-2025-20362) let hackers gain root access and bypass auth. CISA issued an emergency directive—federal agencies have 24 hrs to patch. Details → https://t.co/7Dz6adVyLP
@TheHackersNews
25 Sept 2025
28570 Impressions
115 Retweets
242 Likes
58 Bookmarks
6 Replies
7 Quotes