CVE-2025-20362 — Actively Exploited: Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense (Cisco)
Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a missing authorization vulnerability. This vulnerability could be chained with CVE-2025-20333.
| CVE ID | CVE-2025-20362 |
|---|---|
| Vendor | Cisco |
| Product | Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense |
| Vulnerability name | Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Mis |
| Date added | 2025-09-25 |
| Remediation due | 2025-09-26 |
| Known ransomware use | Unknown |
| Required action | The KEV due date refers to the deadline by which FCEB agencies are expected to review and begin implementing the guidance outlined in Emergency Directive (ED) 25-03 (URL listed below in Notes). Agencies must follow the mitigation steps provided by CISA (URL listed below in Notes) and vendor’s instru |
| Description | Cisco Secure Firewall Adaptive Security (ASA) Appliance and Secure Firewall Threat Defense (FTD) Software VPN Web Server contain a missing authorization vulnerability. This vulnerability could be chained with CVE-2025-20333. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →