Strix
26.1K

CVE-2025-20183

MEDIUMCVSS 5.3/10EPSS 0.40%

Last modified

CVE-2025-20183 is a medium-severity vulnerability rated 5.3/10 on the CVSS scale. A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an endpoint.  The vulnerability is due to improper handling of a crafted range request header. An attacker could exploit this vulnerability by sending an HTTP request with a crafted range request header through the affected device. EPSS estimates a 0.40% chance of exploitation in the next 30 days.

Description

A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an endpoint.  The vulnerability is due to improper handling of a crafted range request header. An attacker could exploit this vulnerability by sending an HTTP request with a crafted range request header through the affected device. A successful exploit could allow the attacker to evade the antivirus scanner and download malware onto the endpoint without detection by Cisco Secure Web Appliance.

Metrics

CVSS 3.1
5.3/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

EPSS Probability
0.40%

32.3th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
CiscoAsyncos11.8.0-414
CiscoAsyncos11.8.0-429
CiscoAsyncos11.8.0-453
CiscoAsyncos11.8.1-023
CiscoAsyncos11.8.3-018
CiscoAsyncos11.8.3-021
CiscoAsyncos11.8.4-004
CiscoAsyncos12.0.1-268
CiscoAsyncos12.0.1-334
CiscoAsyncos12.0.2-004
CiscoAsyncos12.0.2-012
CiscoAsyncos12.0.3-005
CiscoAsyncos12.0.3-007
CiscoAsyncos12.0.4-002
CiscoAsyncos12.0.5-011
CiscoAsyncos12.5.1-011
CiscoAsyncos12.5.1-043
CiscoAsyncos12.5.2-007
CiscoAsyncos12.5.2-011
CiscoAsyncos12.5.3-002
CiscoAsyncos12.5.4-005
CiscoAsyncos12.5.4-011
CiscoAsyncos12.5.5-004
CiscoAsyncos12.5.5-005
CiscoAsyncos12.5.5-008
CiscoAsyncos12.5.6-008
CiscoAsyncos14.0.1-014
CiscoAsyncos14.0.1-040
CiscoAsyncos14.0.1-053
CiscoAsyncos14.0.1-503
CiscoAsyncos14.0.2-012
CiscoAsyncos14.0.3-014
CiscoAsyncos14.0.4-005
CiscoAsyncos14.0.5-007
CiscoAsyncos14.1.0-032
CiscoAsyncos14.1.0-041
CiscoAsyncos14.1.0-047
CiscoAsyncos14.5.0-498
CiscoAsyncos14.5.0-537
CiscoAsyncos14.5.0-673
CiscoAsyncos14.5.1-008
CiscoAsyncos14.5.1-016
CiscoAsyncos14.5.1-510
CiscoAsyncos14.5.1-607
CiscoAsyncos14.5.2-011
CiscoAsyncos14.5.3-033
CiscoAsyncos15.0.0-322
CiscoAsyncos15.0.0-355
CiscoAsyncos15.1.0-287
CiscoAsyncos15.2.0-116

Showing 50 of 51 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Analyzed

Frequently Asked Questions

What is CVE-2025-20183?
A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an endpoint.  The vulnerability is due to improper handling of a crafted range request header. An attacker could exploit this vulnerability by sending an HTTP request with a crafted range request header through the affected device. A successful exploit could allow the attacker to evade the antivirus scanner and download malware onto the endpoint without detection by Cisco Secure Web Appliance.
How severe is CVE-2025-20183?
CVE-2025-20183 has a CVSS score of 5.3/10 (MEDIUM severity). The EPSS model estimates a 0.40% probability of exploitation in the next 30 days.
How do I fix CVE-2025-20183?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-20183?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST