CVE-2025-20362MEDIUM · 6.5TrackedCISA KEV

Cisco · Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense

Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a missing authorization vulnerability. This vulnerability could be chained with CVE-2025-20333.

Disclosed

2025-09-25

257 days ago

Status

no honeypot capture yet

on CISA KEV — watching

7-day events

across 0 distinct IPs

7-day spread

0 ASN · 0 cty

0 active days

Top ASNs

No events captured yet.

Top countries

No events captured yet.

References

https://www.cisa.gov/news-events/directives/ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices
https://www.cisa.gov/news-events/directives/supplemental-direction-ed-25-03-core-dump-and-hunt-instructions
https://www.cisa.gov/eviction-strategies-tool/create-from-template
https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks
https://sec.cloudapps.cisco.com/security/center/private/resources/asa_ftd_continued_attacks#Details
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-YROOTUW
https://nvd.nist.gov/vuln/detail/CVE-2025-20362

↗ NVD ↗ CISA KEV ↗ Search analyses