CVE-2025-20362Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Missing Authorization Vulnerability

PUBLISHEDvulnerability record
2025-09-25 · last modified September 25, 2025

Metadata

CVE ID:
CVE-2025-20362
项目:
Cisco
产品:
Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense
添加日期:
2025-09-25
到期日:
2025-09-26
最后更新:
September 25, 2025

漏洞名称

Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Missing Authorization Vulnerability

描述

Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a missing authorization vulnerability. This vulnerability could be chained with CVE-2025-20333.

已知用于勒索软件活动吗?

勒索软件状态:
Unknown

采集行动

The KEV due date refers to the deadline by which FCEB agencies are expected to review and begin implementing the guidance outlined in Emergency Directive (ED) 25-03 (URL listed below in Notes). Agencies must follow the mitigation steps provided by CISA (URL listed below in Notes) and vendor’s instructions (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.

其他说明

相关新闻文章

相关 CWE