CVE-2025-20333

Published Sep 25, 2025

Last updated 3 months ago

Exploit knownCVSS critical 9.9
Cisco ASA
Cisco FTD

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-20333 is a vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software. It stems from improper validation of user-supplied input in HTTP(S) requests. An authenticated, remote attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests to an affected device. Successful exploitation could allow the attacker to execute arbitrary code as root, potentially leading to complete compromise of the device. Cisco has released software updates to address this vulnerability.

Description
A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as root, possibly resulting in the complete compromise of the affected device.
Source
psirt@cisco.com
NVD status
Analyzed
Products
adaptive_security_appliance_software, firepower_threat_defense

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.9
Impact score
6
Exploitability score
3.1
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Severity
CRITICAL

Known exploits

Data from CISA

Vulnerability name
Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buffer Overflow Vulnerability
Exploit added on
Sep 25, 2025
Exploit action due
Sep 26, 2025
Required action
The KEV due date refers to the deadline by which FCEB agencies are expected to review and begin implementing the guidance outlined in Emergency Directive (ED) 25-03 (URL listed below in Notes). Agencies must follow the mitigation steps provided by CISA (URL listed below in Notes) and vendor’s instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.

Weaknesses

psirt@cisco.com
CWE-120

Social media

Hype score
Not currently trending

  1. 🛡️ CISA alerta que miles de Cisco ASA y Firepower siguen vulnerables a los CVE-2025-20362 y CVE-2025-20333, incluso en organizaciones que creían haber parcheado. Los fallos permiten control total del dispositivo. #Metaprotec recomienda: verificar parches y reforzar monitori

    @MetaProtec

    5 Dec 2025

    107 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Actively exploited CVE : CVE-2025-20333

    @transilienceai

    29 Nov 2025

    52 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  3. 🚨 Cisco Firewall admins: New attack wave exploiting CVE-2025-20333 & CVE-2025-20362—causes DoS reloads, delivers malware like RayInitiator. Quick fix: Update ASA/FTD software per Cisco advisory. Monitor for reload spikes. Unpatched edges = open doors. Lock it down toda

    @AsensoDerrick3

    29 Nov 2025

    90 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨 CISA varuje: dvě kritické chyby v Cisco ASA/FTD (CVE-2025-20333 a CVE-2025-20362), aktivní exploitace. ✅ Doporučení: identifikujte zařízení, aplikujte patch, proveďte kontrolu. https://t.co/PJsovjARkw

    @platforma_kybez

    28 Nov 2025

    53 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CISA Updates Guidance on Patching Cisco Devices Targeted in China-Linked Attacks https://t.co/S5zvOVX3Ld The two bugs, tracked as CVE-2025-20333 and CVE-2025-20362, were discovered in May, after being exploited as zero-days in attacks against government organizations.

    @vjpastor

    15 Nov 2025

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Vulnerabilities in Cisco ASA and ISE battling it out to see which exploit is worse—and enterprises should be worried. In this episode of IT SPARC Cast - CVE of the Week, we cover: • CVE-2025-20333 & CVE-2025-20362 impacting Cisco ASA and Secure Firewall (FTD) • Authent

    @john_video

    15 Nov 2025

    79 Impressions

    1 Retweet

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. **URGENT:** CISA warns of active ArcaneDoor attacks exploiting Cisco ASA & Firepower flaws (CVE-2025-20362, CVE-2025-20333). Patch NOW! #Cyb... 🔒 Privacy is a right. Ghost Coin delivers true anonymity. https://t.co/4fb8OcvJil #Ghost #Privacy $GHOST

    @ghostednews

    15 Nov 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. **URGENT:** CISA orders patches NOW! Critical flaws (CVE-2025-20362, CVE-2025-20333) in Cisco ASA & Firepower exploited by ArcaneDoor. Verif... 🔒 Privacy is a right. Ghost Coin delivers true anonymity. https://t.co/4fb8OcvJil #Ghost #Privacy $GHOST

    @ghostednews

    15 Nov 2025

    45 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. سيسكو تحـ ـذر من هجـ ـوم جديد يستهدف جدران الحماية عبر الثـ ـغرتين CVE-2025-20333 وCVE-2025-20362 التفاصيل.. https://t.co/aMmuiQmtiu #مركز_الأمن_السيبراني_للابحاث_والدراسات https://t.

    @ccforrs

    14 Nov 2025

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. Cisco Secure ASA/FTD の脆弱性 CVE-2025-20333 が FIX:RCE 攻撃を確認 https://t.co/LusY6WX0nH この問題の原因は、Cisco Secure ASA/FTD の VPN Web サーバ・コンポーネントで発生した入力検証の不備にあります。HTTP

    @iototsecnews

    14 Nov 2025

    130 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. In a VPN cyberattack that sent shockwaves through the country and beyond, Cisco recently announced three high-severity vulnerabilities, including CVE-2025-20333, CVE-2025-20362, and CVE-2025-20363.

    @ShieldSure

    13 Nov 2025

    21 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  12. CISA alerts U.S. federal agencies to urgently patch critical Cisco ASA and Firepower flaws (CVE-2025-20362, CVE-2025-20333) exploited by the ArcaneDoor campaign, risking remote code execution and full device takeover. #CiscoFlaws #ArcaneDoor #USA https://t.co/zf4oJLqtw7

    @TweetThreatNews

    13 Nov 2025

    97 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. Cisco Secure Firewall ASAおよびCisco Secure FTDの脆弱性について (CVE-2025-20333等) | 情報セキュリティ | IPA 独立行政法人 情報処理推進機構 https://t.co/VbSZQCjmVW

    @fyi787

    12 Nov 2025

    19 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. برای فایروال های ASA و FTD مربوط به سیسکو، دو آسیب پذیری با کد شناسایی CVE-2025-20362 و CVE-2025-20333 منتشر شده بود ، به تازگی اکسپلویت این دو آسیب پذیری نیز منتشر شده است.

    @AmirHossein_sec

    10 Nov 2025

    75 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  15. New #Cisco Firewall Exploits Detected! Attackers are exploiting CVE-2025-20333 & CVE-2025-20362 to crash or control unpatched ASA/FTD devices 👉 https://t.co/Y84XwplbLM #CyberSecurity #Vulert #Cisco #CVE #ZeroDay #FirewallSecurity

    @vulert_official

    10 Nov 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362 https://t.co/UoPeoeAC38 via @TheHackersNews

    @DCICyberSecNews

    10 Nov 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. シスコ、9月に悪用公表のゼロデイが新たにDoS攻撃で悪用されていると警告:CVE-2025-20362、CVE-2025-20333 | Codebook|Security News https://t.co/FMeNUOw1VF

    @ohhara_shiojiri

    10 Nov 2025

    38 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. ☑️재조명 중인 #cisco 제로데이 RCE 취약점​ ASA, FTD 제로데이 RCE 관련 심각 취약점 CVE-2025-20333 / 20362 에 노출된 자산에 대해 Cisco가 경고했습니다​. 🌐️전세계에 노출된 Cisco FTD 인스턴스: 84,000대 이상​ 📘

    @CriminalIP_KR

    10 Nov 2025

    132 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. ☑️ Exploited ASA / FTD zero-day RCE vulnerabilities: CVE-2025-20333 / CVE-2025-20362​ 🌐️ Exposed #cisco Firewall Threat Defense instances worldwide: Over 84,000​ Query: https://t.co/CNNYr24trQ​ ⚠️ Key risk: CVE-2025-20333 can allow an attacker to execute ar

    @CriminalIP_US

    10 Nov 2025

    1516 Impressions

    4 Retweets

    7 Likes

    5 Bookmarks

    0 Replies

    0 Quotes

  20. ☑️재조명 중인 Cisco 제로데이 RCE 취약점​ ASA, FTD 제로데이 RCE 관련 심각 취약점 CVE-2025-20333 / 20362 에 노출된 자산에 대해 Cisco가 경고했습니다​. 🌐️전세계에 노출된 Cisco FTD 인스턴스: 84,000대 이상​ 📘

    @CriminalIP_KR

    10 Nov 2025

    15 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  21. ☑️ Exploited ASA / FTD zero-day RCE vulnerabilities: CVE-2025-20333 / CVE-2025-20362​ 🌐️ Exposed Cisco Firewall Threat Defense instances worldwide: Over 84,000​ Query: https://t.co/CNNYr23VCi​ ⚠️ Key risk: CVE-2025-20333 can allow an attacker to execute arbi

    @CriminalIP_US

    10 Nov 2025

    39 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  22. 🚨【再注目】#Cisco ASA / FTD の致命的なゼロデイ RCE(CVE-2025-20333)が再び活発化しています。🚨 ハッカーによる実際の悪用が確認されており、未パッチ環境は重大なリスクです。 当社の技術ブログ(2025-10-07)

    @CriminalIP_JP

    10 Nov 2025

    166 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  23. ⚠️シスコ、ゼロデイ2件が新たにDoS攻撃で悪用されていると警告: CVE-2025-20362, CVE-2025-20333 🇨🇳中国の情報セキュリティ企業がハッキングされサイバー兵器や標的リスト等が漏洩したとの報道 🇺🇸米議会

    @MachinaRecord

    10 Nov 2025

    11 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  24. Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362 https://t.co/qoAEeJtMbZ

    @PVynckier

    9 Nov 2025

    96 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  25. Latest cybersecurity bulletin: Cisco is warning of a new firewall attack that exploits two zero-day vulnerabilities (CVE-2025-20333 and CVE-2025-20362). A nation-state actor has been identified as the A new side-channel attack called 'Whisper Leak' encrypted Al chat traffic.

    @PurvanshBhatt

    9 Nov 2025

    63 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  26. ⚠️ Cisco ASA/FTD critical zero-days (CVE-2025-20333, CVE-2025-20362) are being actively exploited. Patch affected devices, restrict management access, and update IDS/SIEM signatures immediately https://t.co/3OB9hUP3ws https://t.co/MxJnAUh1kN

    @Garriso31610061

    8 Nov 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  27. 🚨 Nouveau coup dur : Cisco alerte sur deux failles critiques — CVE-2025-20333 (RCE) & CVE-2025-20362 (bypass auth) — exploitées en campagne active contre les appliances ASA/FTD. Mettez à jour immédiatement ou remplacez le matériel vulnérable.

    @CyberHebdo

    8 Nov 2025

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

  28. 🚨 حمله جدید علیه Cisco ASA/FTD با CVE-2025-20333 و CVE-2025-20362 اجرای کد، بایپس احراز هویت، DoS + بدافزارهای RayInitiator/LINE VIPER پچ منتشر شده، حتما آپدیت کنید! #Cisco #ZeroDay #Firewall #CVE #Cybers

    @vulnerbyte

    8 Nov 2025

    64 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  29. 👀 Cisco ASA/FTD vulnerabilities are officially back in the news, and it’s not good. Active exploitation continues and there are new attack variants on devices vulnerable to CVE-2025-20333 and CVE-2025-20362. The attacks may result in unpatched devices unexpectedly reloadin

    @Horizon3ai

    7 Nov 2025

    120 Impressions

    0 Retweets

    1 Like

    1 Bookmark

    1 Reply

    0 Quotes

  30. "「Cisco ASA/FTD」脆弱性がDoS攻撃の標的に - 修正を再度呼びかけ Cisco Systemsのファイアウォール製品に深刻な脆弱性「CVE-2025-20333」「CVE-2025-20362」が確認され、ゼロデイ攻撃の対象となっていた問題で、異なる攻

    @akibablog

    7 Nov 2025

    1564 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  31. https://t.co/h9NRBncqlC #cybersecurity On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and CVE-2025-20362 https://t.co/7X7JRtrEs1

    @FarVisionNetwks

    7 Nov 2025

    72 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  32. 🚨ALERTA | CompuNet SOC (06/11/25): CVE-2025-20333 y CVE-2025-20362 en Cisco Unified CCX — actualizar a 12.5 SU3 ES07 o 15.0 ES01. Exploit activo en Chrome CVE-2025-10585 → Chrome 140.0.7339.185+. Revise logs. Más: https://t.co/YtfhaqeN3L #Ciberseguridad https://t.co/J8cp7

    @CompunetChile

    7 Nov 2025

    43 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  33. Ciscoが新攻撃を警告: FirewallでCVE-2025-20333/20362悪用 https://t.co/mzpzCU5RYv #Security #セキュリティ #ニュース

    @SecureShield_

    7 Nov 2025

    44 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  34. 🚨 New threat alert! Cisco warns of critical firewall attacks exploiting CVE-2025-20333 & CVE-2025-20362. Secure your networks NOW! #CyberSecurity #FirewallAttack https://t.co/ZuCF5OhHNE

    @xcybersecnews

    6 Nov 2025

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  35. 🚨 Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362 🚨 This is not a drill. Cisco has warned of a new, highly-advanced attack exploiting CVE-2025-20333 and CVE-2025-20362 on Cisco ASA and FTD devices. Devices will unexpectedly reload, causing D

    @HackonomicNews

    6 Nov 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  36. Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362 https://t.co/bMKGoFTR6X https://t.co/rmxWfO309T

    @talentxfactor

    6 Nov 2025

    43 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  37. Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362. Cisco on Wednesday disclosed that it became aware of a new attack variant that's designed to target devices running Cisco Secure... https://t.co/YyX9c9Kftr #InceptusSecure #UnderOurProtection

    @Inceptus3

    6 Nov 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  38. シスコ社がASA及びFTDの脆弱性CVE-2025-20333及びCVE-2025-20362が悪用されていることを警告。公式は攻撃をDoSとしているが、CVE-2025-20333はrootでの遠隔コード実行、CVE-2025-20362は認証回避で、ゼロデイで悪用されていた

    @__kokumoto

    6 Nov 2025

    611 Impressions

    2 Retweets

    4 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  39. #Cisco Warns of New #Firewall Attack Exploiting #CVE-2025-20333 and CVE-2025-20362 https://t.co/f08DZUjdWW

    @ScyScan

    6 Nov 2025

    29 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  40. The Hacker News - Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362 https://t.co/3znmXLHWuK

    @buzz_sec

    6 Nov 2025

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  41. Cisco warns of a new attack targeting Secure Firewall ASA/FTD software via CVE-2025-20333 & CVE-2025-20362, leading to DoS reloads. Patch now! 🚨 https://t.co/L1ac1BG4T6 #Cisco #Cybersecurity #FirewallAttack #CVE #DoS

    @0xT3chn0m4nc3r

    6 Nov 2025

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  42. Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362 https://t.co/WdMkwffgbd https://t.co/rbF6XWpI3B

    @RigneySec

    6 Nov 2025

    12 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  43. Cisco Warns of New Firewall Attack Exploiting CVE-2025-20333 and CVE-2025-20362 https://t.co/9aDJdvNRrs https://t.co/y4SfmMAPEi

    @evanderburg

    6 Nov 2025

    64 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  44. 🚨 Cisco warns hackers are targeting unpatched Secure Firewall ASA & FTD devices with a new attack variant exploiting two flaws — CVE-2025-20333 and CVE-2025-20362. The attacks can crash devices (DoS) or let attackers run code as root. Details here ↓ https://t.co/0j9v

    @TheHackersNews

    6 Nov 2025

    15639 Impressions

    63 Retweets

    123 Likes

    27 Bookmarks

    5 Replies

    1 Quote

  45. Cisco Secure Firewall ASAおよびCisco Secure FTDの脆弱性について (CVE-2025-20333等) https://t.co/ZvH6Q5vL6H

    @ICATalerts

    6 Nov 2025

    4161 Impressions

    7 Retweets

    12 Likes

    3 Bookmarks

    0 Replies

    1 Quote

  46. #VulnerabilityReport #ASA CRITICAL Cisco Zero-Day (CVE-2025-20333, CVSS 9.9) Under Active Attack: VPN Flaw Allows Root RCE https://t.co/s3GqDlLum4

    @Komodosec

    2 Nov 2025

    114 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  47. Critical Cisco Vulnerabilities Disclosed — CVE-2025-20363 & CVE-2025-20333 impact firewall and VPN systems. Patch now and stay protected with Network Solutions Inc. 👉 https://t.co/AYYu6tm24z #Cisco #CyberSecurity #InfoSec #NetworkSecurity #CVE #Vulnerability

    @NSIguy

    1 Nov 2025

    242 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  48. 🚨 Vulnerabilidad crítica (CVSS 9.9) 🧩 CVE-2025-20333 – Cisco ASA/FTD WebVPN Desbordamiento de búfer permite ejecución remota de código y posible control del firewall. ⚙️ Afecta entornos financieros, industriales e infraestructuras críticas. #CTI #Metaprotec #Ci

    @MetaProtec

    25 Oct 2025

    114 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  49. 🚨 Threat actors are doubling down on VPN vulnerabilities, and September's data proves it.🚨 After a Citrix-heavy August, Cisco flaws were the most discussed in September. Cisco flaws claimed 3 of the top 5 spots, with its ASA zero-days (CVE-2025-20333 & CVE-2025-20362)

    @ReliaQuestTR

    24 Oct 2025

    248 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  50. 🔴 ACİL UYARI | Cisco Firewall’larda Kritik Güvenlik Açığı Cisco ASA ve Firepower cihazlarında CVE-2025-20333 ve CVE-2025-20362 numaralı kritik açıklar tespit edildi. Yaklaşık 50.000 cihaz etkilenebilir durumda. Bu açıklar uzaktan kod çalıştırma riskine yol

    @KamCyberTR

    15 Oct 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.