Cisco warns its users to patch two actively exploited vulnerabilities impacting the VPN web server of Cisco Secure Firewall Adaptive Security Appliance Software and Cisco Secure Firewall Threat Defense Software. Tracked as CVE-2025-20362 and CVE-2025-20333, the vulnerabilities can lead to remote code execution and unauthorized access of the affected device. Cisco mentioned in the advisory that … Continue reading “Cisco Addresses Zero-day Vulnerabilities in Cisco ASA and FTD Software (CVE-2025-20362 & CVE-2025-20333)”
Tag: Cisco ASA Software
Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities
An old bug fixed by Cisco is again in the news for actively being exploited in the wild. Cisco had published an advisory cisco-sa-asaftd-xss-multiple-FCB3vPZe on 21st October 2020; to address the bug, CVE-2020-3580. About the Vulnerability This vulnerability exists due to insufficient validation of user-supplied input by the web service’s interface of an affected device. … Continue reading “Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Cross-Site Scripting Vulnerabilities”