Cisco has reported the active exploitation of a critical remote code execution vulnerability, CVE-2025-20333, affecting its Secure Firewall Adaptive Security Appliance (ASA) and Threat Defense (FTD) software. First disclosed on September 25, 2025, this vulnerability has a CVSS score of 9.9, enabling attackers with valid VPN credentials to launch attacks that could lead to complete device compromise. The flaw is attributed to inadequate validation of user-supplied input in the VPN web server’s handling of HTTP(S) requests, allowing attackers to execute arbitrary code.
Cisco’s advisory stressed the urgency of addressing this vulnerability, especially as a new attack variant was identified after an update on November 5, 2025, which causes affected devices to reload unexpectedly, resulting in denial-of-service disruptions. There are no existing workarounds, and immediate patching is recommended. The advisory provides details on affected and fixed software versions, underlining the need for organizations to audit their configurations and monitor VPN traffic for anomalies to protect against potential exploits.
👉 Pročitaj original: Cyber Security News
