What’s new: Cisco has reported two zero-day vulnerabilities affecting the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software. These vulnerabilities, CVE-2025-20333 (CVSS 9.9) and CVE-2025-20362 (CVSS 6.5), are being actively exploited, allowing attackers to execute arbitrary code and access restricted endpoints, respectively. CISA has issued an emergency directive for immediate mitigation.
Who’s affected
Organizations using Cisco ASA and FTD Software are at risk, particularly those with exposed VPN services. The vulnerabilities could allow both authenticated and unauthenticated attackers to compromise affected devices.
What to do
- Patch affected Cisco ASA and FTD Software immediately as per Cisco’s advisories.
- Follow CISA’s emergency directive ED 25-03 to identify and mitigate potential compromises within 24 hours.
- Monitor for any signs of exploitation or unusual activity on network devices.
