CVE-2025-20362 - Vulnerability Details

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints that are related to remote access VPN that should otherwise be inaccessible without authentication. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web server on a device. A successful exploit could allow the attacker to access a restricted URL without authentication.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is in the KEV database since Sept. 25, 2025.

Exploitation active

Automatable yes

Technical Impact partial

Vendors	Products
Cisco	Adaptive Security Appliance Software Firepower Threat Defense Firepower Threat Defense Software

Configuration 1 [-]

OR	cpe:2.3:o:cisco:adaptive_security_appliance_software::::::::
	cpe:2.3:o:cisco:adaptive_security_appliance_software::::::::
	cpe:2.3:o:cisco:adaptive_security_appliance_software::::::::
	cpe:2.3:o:cisco:adaptive_security_appliance_software::::::::
	cpe:2.3:o:cisco:adaptive_security_appliance_software::::::::
	cpe:2.3:o:cisco:adaptive_security_appliance_software::::::::
	cpe:2.3:o:cisco:adaptive_security_appliance_software::::::::

Configuration 2 [-]

OR	cpe:2.3:a:cisco:firepower_threat_defense::::::::
	cpe:2.3:a:cisco:firepower_threat_defense::::::::
	cpe:2.3:a:cisco:firepower_threat_defense::::::::
	cpe:2.3:a:cisco:firepower_threat_defense::::::::
	cpe:2.3:a:cisco:firepower_threat_defense::::::::

No data.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-YROOTUW
https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20362

History

Tue, 21 Oct 2025 23:15:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20362

Tue, 21 Oct 2025 20:30:00 +0000

Type	Values Removed	Values Added
References	https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20362

Tue, 21 Oct 2025 19:30:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-20362

Fri, 26 Sep 2025 17:15:00 +0000

Type	Values Removed	Values Added
Description	A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints without authentication that should otherwise be inaccessible without authentication. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web server on a device. A successful exploit could allow the attacker to access a restricted URL without authentication.	A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints that are related to remote access VPN that should otherwise be inaccessible without authentication. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web server on a device. A successful exploit could allow the attacker to access a restricted URL without authentication.

Fri, 26 Sep 2025 14:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Cisco firepower Threat Defense
CPEs		cpe:2.3:a:cisco:firepower_threat_defense:::::::: cpe:2.3:o:cisco:adaptive_security_appliance_software::::::::
Vendors & Products		Cisco firepower Threat Defense

Fri, 26 Sep 2025 11:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Cisco Cisco adaptive Security Appliance Software Cisco firepower Threat Defense Software
Vendors & Products		Cisco Cisco adaptive Security Appliance Software Cisco firepower Threat Defense Software

Thu, 25 Sep 2025 18:15:00 +0000

Type	Values Removed	Values Added
References		https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks

Thu, 25 Sep 2025 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'active', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Thu, 25 Sep 2025 16:30:00 +0000

Type	Values Removed	Values Added
Metrics		kev `{'dateAdded': '2025-09-25T00:00:00+00:00', 'dueDate': '2025-09-26T00:00:00+00:00'}`

Thu, 25 Sep 2025 16:15:00 +0000

Type	Values Removed	Values Added
Description		A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints without authentication that should otherwise be inaccessible without authentication. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web server on a device. A successful exploit could allow the attacker to access a restricted URL without authentication.
Weaknesses		CWE-862
References		https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-YROOTUW
Metrics		cvssV3_1 `{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N'}`

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2025-09-25T16:12:35.916Z

Updated: 2025-10-21T22:45:16.963Z

Reserved: 2024-10-10T19:15:13.258Z

Link: CVE-2025-20362

Vulnrichment

Updated: 2025-09-25T17:04:06.661Z

NVD

Status : Modified

Published: 2025-09-25T16:15:32.280

Modified: 2025-10-21T23:16:48.050

Link: CVE-2025-20362

Redhat

No data.

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction None

Exploitation active

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object