AI description
CVE-2025-20363 is a vulnerability that affects Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software. It could allow an unauthenticated, remote attacker (for Cisco ASA and FTD Software) or an authenticated, remote attacker with low user privileges (for Cisco IOS, IOS XE, and IOS XR Software) to execute arbitrary code on an affected device. This vulnerability is due to improper validation of user-supplied input in HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web service, potentially leading to the execution of arbitrary code as root and complete compromise of the device.
- Description
- A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker (Cisco ASA and FTD Software) or authenticated, remote attacker (Cisco IOS, IOS XE, and IOS XR Software) with low user privileges to execute arbitrary code on an affected device. This vulnerability is due to improper validation of user-supplied input in HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web service on an affected device after obtaining additional information about the system, overcoming exploit mitigations, or both. A successful exploit could allow the attacker to execute arbitrary code as root, which may lead to the complete compromise of the affected device. For more information about this vulnerability, see the Details ["#details"] section of this advisory.
- Source
- psirt@cisco.com
- NVD status
- Analyzed
- Products
- ios_xr, adaptive_security_appliance_software, ios, ios_xe, firepower_threat_defense
CVSS 3.1
- Type
- Secondary
- Base score
- 9
- Impact score
- 6
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- psirt@cisco.com
- CWE-122
- Hype score
- Not currently trending
🚨 [HIGH] Active exploitation detected: CVE-2025-20363 Exploit in the wild confirmed for CVE-2025-20363 (CVSS null). A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance... 🔗 https://t.co/RZBhpWnHFz #ZeroDay #ExploitInWild #CyberSecurity
@ctiwatchcloud
14 Apr 2026
157 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
In a VPN cyberattack that sent shockwaves through the country and beyond, Cisco recently announced three high-severity vulnerabilities, including CVE-2025-20333, CVE-2025-20362, and CVE-2025-20363.
@ShieldSure
13 Nov 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
#VulnerabilityReport #ASA Cisco Warns of Critical RCE Flaw (CVE-2025-20363) Affecting Firewall and Router Software https://t.co/GqUpXaJY8G
@Komodosec
2 Nov 2025
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Critical Cisco Vulnerabilities Disclosed — CVE-2025-20363 & CVE-2025-20333 impact firewall and VPN systems. Patch now and stay protected with Network Solutions Inc. 👉 https://t.co/AYYu6tm24z #Cisco #CyberSecurity #InfoSec #NetworkSecurity #CVE #Vulnerability
@NSIguy
1 Nov 2025
242 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
JPCERT/CC WEEKLY REPORT 2025-10-08を公開。セキュリティ関連情報は8件。VMware製品などの脆弱性情報や、JPCERT/CCが公開した「Cisco ASA、FTD、IOS、IOS XEおよびIOS XRにおける任意のコード実行の脆弱性(CVE-2025-20363)について
@jpcert
8 Oct 2025
3133 Impressions
3 Retweets
9 Likes
2 Bookmarks
0 Replies
0 Quotes
Cisco ASA、FTD、IOS、IOS XEおよびIOS XRにおける任意のコード実行の脆弱性(CVE-2025-20363)について #JPCERTCC (Sep 30) https://t.co/KVkvUQgQ4o
@foxbook
30 Sept 2025
371 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-20362,CVE-2025-20333,CVE-2025-20363
@transilienceai
30 Sept 2025
85 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CyberNewsFlash「Cisco ASA、FTD、IOS、IOS XEおよびIOS XRにおける任意のコード実行の脆弱性(CVE-2025-20363)について」を公開。本脆弱性の影響を受ける製品は多岐にわたります。9月26日に公開したCisco製品の脆弱性に関
@jpcert
30 Sept 2025
4911 Impressions
10 Retweets
18 Likes
3 Bookmarks
0 Replies
0 Quotes
CVE-2025-20333 CVE-2025-20362 CVE-2025-20363 could be under active exploitation. Patch immediately. Cloudflare is actively monitoring and researching the CVEs, but in the meantime we deployed 2 aggressive rules (default off) for who wants to block access all together.
@Cloudforce_One
28 Sept 2025
848 Impressions
1 Retweet
14 Likes
1 Bookmark
1 Reply
1 Quote
تحذير أمني عاجل: كشفت Cisco عن محاولات استغلال تستهدف أجهزة ASA 5500-X وأصدرت 3 ثغرات جديدة: CVE-2025-20333 CVE-2025-20362 CVE-2025-20363 #Cisco #CyberSecurity https://t.co/qShJ8Al5cm
@Mshoraty
28 Sept 2025
197 Impressions
0 Retweets
1 Like
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-20333/CVE-2025-20363対応で 9.16.(2) → 9.16(4) にするとHAの挙動が変わっているような気がするな(;´Д`) ちゃんと検証しないとちょっと分からないな(;´Д`)
@XenCenter
27 Sept 2025
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 Critical Cisco CVEs under Active Exploitation For Executives & Admins – beyond Patch & Pray. 🔥 CVE-2025-20333 → RCE via WebVPN ⚡ CVE-2025-20362 → Privilege Escalation 🕵️ CVE-2025-20363 → HTTP Code Execution ➡️ Combined with RayInitiator Bootk
@stefanab77
26 Sept 2025
100 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
📄 Read the full paper on Zenodo (free): 👉 https://t.co/2MyNVdEOSn 🚨 Critical Cisco CVEs under Active Exploitation 🚨 For Executives & Admins – beyond Patch & Pray. 🔥 CVE-2025-20333 → RCE via WebVPN ⚡ CVE-2025-20362 → Privilege Escalation 🕵️ C
@stefanab77
26 Sept 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Threat Insights: Active Exploitation of Cisco ASA Zero Days https://t.co/Sng2ncKtHZ CVE-2025-20333, CVE-2025-20362 and CVE-2025-20363 affect multiple Cisco products, and are being exploited by a threat actor linked to the ArcaneDoor campaign. The post Threat Insights: Active
@f1tym1
26 Sept 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Three vulnerabilities (CVE-2025-20333, CVE-2025-20362, CVE-2025-20363) affecting Cisco ASA and FTD software are under active exploitation. We discuss the lifecycle of zero-day vulnerabilities and the phenomenon of “patch-or-perish.” https://t.co/zTcQCf8hFP https://t.co/sPFvB
@Unit42_Intel
26 Sept 2025
9131 Impressions
49 Retweets
121 Likes
34 Bookmarks
1 Reply
1 Quote
Cisco, ASA / FTD / IOS ürünlerinde kritik güvenlik açıklarını duyurdu. Yeni yayınlanan CVE-2025-20333, CVE-2025-20362 ve CVE-2025-20363 açıklıklarından ikisi aktif olarak istismar ediliyor. 🔴 Sistemlerinizi derhal güncelleyin ve yamaları uygulayın. https://t.co/
@KamCyberTR
26 Sept 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Upozorňujeme na sérii kritických zranitelností v Cisco Adaptive Security Appliance (ASA), Firepower Threat Defense (FTD) a Cisco IOS, CVE-2025-20333, CVE-2025-20363 a CVE-2025-20362. Zneužití těchto zranitelností může umožnit vzdálenému neautentizovanému útočn
@GOVCERT_CZ
26 Sept 2025
793 Impressions
3 Retweets
3 Likes
0 Bookmarks
0 Replies
1 Quote
シスコ社が重大(Critical)な遠隔コード実行の脆弱性を修正。CVE-2025-20363はファイアウォール製品では認証不要でCVSSスコア9.0、IOS系製品では要認証でCVSSスコア8.5。Secure Firewall ASA, Secure Firewall Threat Defense (FTD), IOS, I
@__kokumoto
26 Sept 2025
1888 Impressions
7 Retweets
16 Likes
6 Bookmarks
0 Replies
0 Quotes
🟥 CVE-2025-20363, CVSS: 9.0 (#Critical) Cisco Secure Firewall ASA, FTD, XE, and XR. The vulnerability allows remote code execution (as root) due to improper validation of user-supplied input in HTTP requests. Unauthenticated attackers can exploit Cisco ASA and FTD Software,
@UjlakiMarci
25 Sept 2025
5120 Impressions
3 Retweets
11 Likes
10 Bookmarks
1 Reply
1 Quote
Cisco ASA & FTD RCE Vulnerability: CVE-2025-20363 A heap buffer overflow in Cisco ASA and FTD (CVE-2025-20363) enables unauthenticated RCE. Patch ASAP to block attackers. For more details, read ZeroPath's blog on this vuln. #AppSec #InfoSec #Cisco https://t.co/wGb4CtmjdS
@ZeroPathLabs
25 Sept 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20363 A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IO… https://t.co/yikZYD7Bn4
@CVEnew
25 Sept 2025
211 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios_xr:6.5.1:*:*:*:*:*:x86:*",
"matchCriteriaId": "EE4ECF24-648B-4027-BC19-8DC38DFEDAC4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:6.5.2:*:*:*:*:*:x86:*",
"matchCriteriaId": "A66F35E2-8F7B-451A-BCC5-47F5EAC78C37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:6.5.3:*:*:*:*:*:x86:*",
"matchCriteriaId": "A3304833-51FF-43C9-9542-8603686587CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:6.6.2:*:*:*:*:*:x86:*",
"matchCriteriaId": "36E58BE5-9EFE-4D42-AB05-8DBCCFF766B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:6.6.3:*:*:*:*:*:x86:*",
"matchCriteriaId": "10D8F88E-F27B-414E-AB37-1D488355FFE5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:6.6.25:*:*:*:*:*:x86:*",
"matchCriteriaId": "FF81FC48-96D0-48A3-9F2F-094CB13F9E00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:6.7.1:*:*:*:*:*:x86:*",
"matchCriteriaId": "9A36169B-F386-4FA0-B828-C42B8B748372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:6.7.2:*:*:*:*:*:x86:*",
"matchCriteriaId": "5221D9EB-5C78-4CF6-B15D-EA57314CCB97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:6.7.3:*:*:*:*:*:x86:*",
"matchCriteriaId": "F0CB89C0-11F3-4082-BEBD-861A9E34461E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:6.8.1:*:*:*:*:*:x86:*",
"matchCriteriaId": "1F15DD8D-A5CD-45D1-B0B6-B2A95AD20422",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:6.8.2:*:*:*:*:*:x86:*",
"matchCriteriaId": "C0C3F984-F92B-4E48-9712-E1B712BC702F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:6.9.1:*:*:*:*:*:x86:*",
"matchCriteriaId": "2AB5ABAC-F68C-4FC8-95C1-8A3A2E2E92E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xr:6.9.2:*:*:*:*:*:x86:*",
"matchCriteriaId": "60BA6B76-31D9-4F28-A7E4-012E7399D2E8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:cisco:asr_9001:-:*:*:*:*:*:*:*",
"matchCriteriaId": "324C97E6-1810-404F-9F45-6240F99FF039",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "775B3D5F-25D3-4B1C-9BA2-985263A6CE83",
"versionEndExcluding": "9.12.4.72",
"versionStartIncluding": "9.12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9AD381CE-3B2E-4633-AA43-7A82BA7D39CF",
"versionEndExcluding": "9.14.4.28",
"versionStartIncluding": "9.14",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E2686697-B6D5-4F75-9BAF-0B070C07EECB",
"versionEndExcluding": "9.16.4.84",
"versionStartIncluding": "9.16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "36EF7E1F-54E6-4CED-B01C-B40B625528E1",
"versionEndExcluding": "9.18.4.57",
"versionStartIncluding": "9.17.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EADA7A5B-53ED-48EB-A51A-203950AD6C4F",
"versionEndExcluding": "9.19.1.42",
"versionStartIncluding": "9.19.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "52838013-381F-4A60-A251-4AF2B39D5F37",
"versionEndExcluding": "9.20.3.16",
"versionStartIncluding": "9.20.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "156946A8-18CE-49C7-969C-D2E1C201EEE9",
"versionEndExcluding": "9.22.2",
"versionStartIncluding": "9.22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5616E7-4866-4229-97A6-C91DD029CA1F",
"versionEndExcluding": "9.23.1.3",
"versionStartIncluding": "9.23",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:ios:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99AB4688-90DB-48D3-A12C-E73CF16E84CB",
"versionEndIncluding": "15.9\\(3\\)m11",
"versionStartIncluding": "12.2\\(15\\)b",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios_xe:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F9EAA947-A9B6-40AA-952F-FD4381DFA1D8",
"versionEndIncluding": "17.17.1",
"versionStartIncluding": "3.2.0sg",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "09A83737-0EE2-4D5D-915B-3133F3A81FB5",
"versionEndExcluding": "7.0.8",
"versionStartIncluding": "7.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD175CE1-B297-4445-AAFA-F2201429E6C5",
"versionEndExcluding": "7.2.10",
"versionStartIncluding": "7.1.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D8A1EC36-8C42-4890-918A-0B38027B36F3",
"versionEndExcluding": "7.4.2.3",
"versionStartIncluding": "7.3.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F39B5499-B7CE-4FA5-B882-609859CF1598",
"versionEndExcluding": "7.7.10",
"versionStartIncluding": "7.7.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:firepower_threat_defense:7.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "76B73F03-93B6-48C3-BF97-FEAF26895A2D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
]