Critical Cisco Vulnerability Let Remote Attackers Execute Arbitrary Code on Firewalls and Routers

Posted on By CWS

Cisco warns of a Crucial distant code execution flaw in internet companies throughout a number of Cisco platforms.  Tracked as CVE-2025-20363 (CWE-122), this vulnerability carries a CVSS 3.1 Base Rating of 9.0 (AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H) and impacts ASA, FTD, IOS, IOS XE, and IOS XR Software program.

Cisco Enter Validation Flaw (CVE-2025-20363)

The flaw stems from improper validation of user-supplied enter in HTTP requests. Attackers can craft malicious HTTP packets to bypass exploit mitigations and execute arbitrary shell instructions as root. 

For Cisco Safe Firewall ASA and FTD, no authentication is required; for IOS, IOS XE, and IOS XR, solely low-privileged authenticated entry is required.

Affected companies pay attention on SSL or HTTP ports when options corresponding to webvpn, AnyConnect SSL VPN, or the HTTP server are enabled. Instance CLI checks:

Profitable exploitation yields a root shell, probably resulting in full gadget compromise. 

Cisco acknowledges Keane O’Kelley of Cisco ASIG for locating the defect. Coordination with ASD, CSE, NCSC, and CISA contributed to the advisory.

All ASA Sequence (5500-X, ASAv, Firepower 1000/2100/4100/9000, Safe Firewall 1200/3100/4200), FTD platforms, IOS routers with SSL VPN, IOS XE routers, and ASR 9001 operating 32-bit IOS XR with HTTP enabled are susceptible. 

No workarounds exist. Prospects should improve to fastened releases instantly. The advisory gives detailed fastened variations per platform below the Fastened Software program part.

Threat FactorsDetailsAffected ProductsCisco Safe Firewall ASA & FTD Software program, Cisco IOS Software program & IOS XE Software program, Cisco IOS XR Software program (32-bit on ASR 9001 with HTTP server enabled)ImpactRemote unauthenticated code execution as rootExploit PrerequisitesSSL VPN (webvpn) or AnyConnect SSL VPN enabledCVSS 3.1 Score9.0 (Crucial)

Cisco recommends utilizing the Cisco Software program Checker to establish susceptible releases and the earliest patches. Directors ought to audit gadget configurations to verify SSL VPN or HTTP server standing. 

For ASA/FTD, confirm webvpn or AnyConnect SSL VPN settings; for IOS XR, guarantee run uname -s returns Linux or disable HTTP through no http server. Cisco PSIRT confirms no energetic exploitation within the wild.

Comply with us on Google Information, LinkedIn, and X for every day cybersecurity updates. Contact us to characteristic your tales.

Cyber Security News Tags:, , , , , , , , ,

Related Posts

Don’t Click ‘Unsubscribe’ Links Blindly It May Leads to Loss of Credentials Cyber Security News
Notepad++ DLL Hijacking Vulnerability Let Attackers Execute Malicious Code Cyber Security News
October Sees Rise in Phishing and Ransomware Attacks, Including TyKit and Google Careers Scams Cyber Security News
Cisco Unified Contact Center Express Vulnerabilities Let Remote Attacker Execute Malicious Code Cyber Security News
Chrome 0-Day Vulnerability Actively Exploited in Attacks by Notorious Hacker Group Cyber Security News
Microsoft Teams Issue Blocks Users From Opening Embedded Office Documents Cyber Security News