← All CVEs
CVE-2025-20333CRITICAL · 9.9TrackedCISA KEV
Cisco · Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense
Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a buffer overflow vulnerability that allows for remote code execution. This vulnerability could be chained with CVE-2025-20362.
Disclosed
2025-09-25
257 days ago
Status
no honeypot capture yet
on CISA KEV — watching
7-day events
0
across 0 distinct IPs
7-day spread
0 ASN · 0 cty
0 active days
Top ASNs
No events captured yet.
Top countries
No events captured yet.
References
- https://www.cisa.gov/news-events/directives/ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices
- https://www.cisa.gov/news-events/directives/supplemental-direction-ed-25-03-core-dump-and-hunt-instructions
- https://www.cisa.gov/eviction-strategies-tool/create-from-template
- https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks
- https://sec.cloudapps.cisco.com/security/center/private/resources/asa_ftd_continued_attacks#Details
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB
- https://nvd.nist.gov/vuln/detail/CVE-2025-20333