Nov 06, 2025Ravie LakshmananZero-Day / Vulnerability
Cisco on Wednesday disclosed that it grew to become conscious of a brand new assault variant that is designed to focus on units working Cisco Safe Firewall Adaptive Safety Equipment (ASA) Software program and Cisco Safe Firewall Menace Protection (FTD) Software program releases which are vulnerable to CVE-2025-20333 and CVE-2025-20362.
“This assault could cause unpatched units to unexpectedly reload, resulting in denial-of-service (DoS) circumstances,” the corporate stated in an up to date advisory, urging clients to use the updates as quickly as potential.
Each vulnerabilities have been disclosed in late September 2025, however not earlier than they have been exploited as zero-day vulnerabilities in assaults delivering malware akin to RayInitiator and LINE VIPER, in accordance with the U.Ok. Nationwide Cyber Safety Centre (NCSC).
Whereas profitable exploitation of CVE-2025-20333 permits an attacker to execute arbitrary code as root utilizing crafted HTTP requests, CVE-2025-20362 makes it potential to entry a restricted URL with out authentication.
The replace comes as Cisco addressed two essential safety flaws in Unified Contact Middle Specific (Unified CCX) that would allow an unauthenticated, distant attacker to add arbitrary recordsdata, bypass authentication, execute arbitrary instructions, and elevate privileges to root.
The networking tools main credited safety researcher Jahmel Harris for locating and reporting the shortcomings. The vulnerabilities are listed beneath –
CVE-2025-20354 (CVSS rating: 9.8) – A vulnerability within the Java Distant Technique Invocation (RMI) strategy of Unified CCX that enables an attacker to add arbitrary recordsdata and execute arbitrary instructions with root permissions on an affected system.
CVE-2025-20358 (CVSS rating: 9.4) – A vulnerability within the Contact Middle Specific (CCX) Editor software of Unified CCX that enables an attacker to bypass authentication and procure administrative permissions to create arbitrary scripts on the underlying working system and execute them.
They’ve been addressed within the following variations –
Cisco Unified CCX Launch 12.5 SU3 and earlier (Fastened in 12.5 SU3 ES07)
Cisco Unified CCX Launch 15.0 (Fastened in 15.0 ES01)
Along with the 2 vulnerabilities, Cisco has shipped patches for a high-severity DoS bug (CVE-2025-20343, CVSS rating: 8.6) in Identification Providers Engine (ISE) that would enable an unauthenticated, distant attacker to trigger a vulnerable machine to restart unexpectedly.
“This vulnerability is because of a logic error when processing a RADIUS entry request for a MAC tackle that’s already a rejected endpoint,” it stated. “An attacker may exploit this vulnerability by sending a particular sequence of a number of crafted RADIUS entry request messages to Cisco ISE.”
Whereas there isn’t a proof that any of the three safety flaws have been exploited within the wild, it is important that customers apply the updates as quickly as potential for optimum safety.
