CVE-2025-20362

Name: CVE-2025-20362
Creator: NVD / NIST
Published: 2025-09-25T16:15:32.28+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

HIGHCVSS 8.6/10Actively ExploitedEPSS 85.54%

Last modified Jun 17, 2026

CVE-2025-20362 is a high-severity vulnerability rated 8.6/10 on the CVSS scale. Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and CVE-2025-20362. This attack can cause unpatched devices to unexpectedly reload, leading to denial of service (DoS) conditions. CISA has confirmed active exploitation in the wild. EPSS estimates a 85.54% chance of exploitation in the next 30 days.

Description

Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and CVE-2025-20362. This attack can cause unpatched devices to unexpectedly reload, leading to denial of service (DoS) conditions. Cisco strongly recommends that all customers upgrade to the fixed software releases that are listed in the Fixed Software ["#fs"] section of this advisory. A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints that are related to remote access VPN that should otherwise be inaccessible without authentication. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web server on a device. A successful exploit could allow the attacker to access a restricted URL without authentication.

Metrics

CVSS 3.1

8.6/10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

EPSS Probability

85.54%

99.7th percentile

Probability of exploitation in the next 30 days. Learn more

Exploitation Status

This vulnerability is listed in CISA’s Known Exploited Vulnerabilities catalog, confirming active exploitation in the wild. Federal agencies must remediate by Sep 26, 2025.

Weakness Enumeration

CWE-862

Affected Software

Vendor	Product	Versions
Cisco	Adaptive Security Appliance Software	>= 9.12, < 9.12.4.72
Cisco	Adaptive Security Appliance Software	>= 9.14, < 9.14.4.28
Cisco	Adaptive Security Appliance Software	>= 9.16, < 9.16.4.85
Cisco	Adaptive Security Appliance Software	>= 9.17.0, < 9.18.4.67
Cisco	Adaptive Security Appliance Software	>= 9.19, < 9.20.4.10
Cisco	Adaptive Security Appliance Software	>= 9.22, < 9.22.2.14
Cisco	Adaptive Security Appliance Software	>= 9.23, < 9.23.1.19
Cisco	Firepower Threat Defense	>= 7.0.0, < 7.0.8.1
Cisco	Firepower Threat Defense	>= 7.1.0, < 7.2.10.2
Cisco	Firepower Threat Defense	>= 7.3.0, < 7.4.2.4
Cisco	Firepower Threat Defense	>= 7.6.0, < 7.6.2.1
Cisco	Firepower Threat Defense	>= 7.7.0, < 7.7.10.1

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-YROOTUWVendor Advisory
https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacksVendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20362US Government Resource

Timeline

Published: Sep 25, 2025
Last Modified: Jun 17, 2026
Status: Analyzed

Frequently Asked Questions

What is CVE-2025-20362?

How severe is CVE-2025-20362?

CVE-2025-20362 has a CVSS score of 8.6/10 (HIGH severity). The EPSS model estimates a 85.54% probability of exploitation in the next 30 days. This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog.

How do I fix CVE-2025-20362?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2025-20362?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST