CVE-2025-20333 — Actively Exploited: Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense (Cisco)
Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a buffer overflow vulnerability that allows for remote code execution. This vulnerability could be chained with CVE-2025-20362.
| CVE ID | CVE-2025-20333 |
|---|---|
| Vendor | Cisco |
| Product | Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense |
| Vulnerability name | Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) Buf |
| Date added | 2025-09-25 |
| Remediation due | 2025-09-26 |
| Known ransomware use | Unknown |
| Required action | The KEV due date refers to the deadline by which FCEB agencies are expected to review and begin implementing the guidance outlined in Emergency Directive (ED) 25-03 (URL listed below in Notes). Agencies must follow the mitigation steps provided by CISA (URL listed below in Notes) and vendor’s instru |
| Description | Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a buffer overflow vulnerability that allows for remote code execution. This vulnerability could be chained with CVE-2025-20362. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →