Cisco Warns of Critical RCE Flaw (CVE-2025-20363) Affecting Firewall and Router Software

Cisco has disclosed a critical vulnerability affecting multiple product lines, including Secure Firewall ASA, Secure Firewall Threat Defense (FTD), IOS, IOS XE, and IOS XR Software. Tracked as CVE-2025-20363, the flaw carries a CVSS base score of 9.0 for firewall products and 8.5 for IOS-based systems, posing a significant threat to enterprise networks.

Cisco explains, “A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker (Cisco ASA and FTD Software) or authenticated, remote attacker (Cisco IOS, IOS XE, and IOS XR Software) with low user privileges to execute arbitrary code on an affected device.”

The issue stems from improper validation of user-supplied input in HTTP requests. Cisco warns: “A successful exploit could allow the attacker to execute arbitrary code as root, which may lead to the complete compromise of the affected device.”

The advisory confirms that this vulnerability impacts:

• Secure Firewall ASA and FTD Software when SSL VPN or Mobile User Security (MUS) features are enabled.
• IOS and IOS XE Software if the Remote Access SSL VPN feature is active.
• 32-bit IOS XR Software running on Cisco ASR 9001 routers with HTTP server enabled.

Cisco notes that NX-OS Software is not affected by this vulnerability.

For Cisco firewall products, the vulnerability is rated Critical, with a CVSS 9.0 score. For Cisco IOS, IOS XE, and IOS XR, the rating is High, with a CVSS 8.5 score.

Cisco has released software updates that address this vulnerability and strongly recommends that customers upgrade to a fixed software release.

Related Posts:

• Cisco Issues High-Severity Security Alert for IOS XR Software (CVE-2025-20138)
• Cisco Smart Install Protocol was misused, tens of thousands of critical infrastructure may be attacked
• Cisco releases the security updates to fix RCE flaw in Cisco IOS XE Software
• Cisco Alerts on Public Disclosure of CVE-2025-20115 – BGP Flaw Puts Networks at Risk

Support Our Threat Intelligence

If you find our CVE report and cybersecurity news helpful, consider supporting our work.

Buy Me a Coffee PayPal

Crypto

USDT (TRC20):

TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm Copy

USDT (ERC20):

0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce Copy