Call us Today: 800-723-5353

JOIN REMOTE SESSION
Support Portal
Flyout Menu
Flyout Menu

Call now: 800-723-5353

VULNERABILITY

Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD)

On 25 September 2025, Cisco released fixes for two vulnerabilities in Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) that are currently being actively exploited by a sophisticated threat actor. The US Cybersecurity and Infrastructure Security Agency (CISA) issued Emergency Directive 25-03 requiring Federal Civilian Executive Branch (FCEB) agencies to patch these vulnerabilities by 12 PM EDT on September 26. Agencies are also required to assess compromise via CISA-provided procedures and submit core dump(s). 

  • CVE-2025-20333: A critical vulnerability allowing authenticated remote threat actors to execute code on an unpatched device. Exploitation requires crafted HTTP requests with valid VPN credentials. 
  • CVE-2025-20362: A medium-severity vulnerability allowing remote, unauthenticated threat actors to access restricted URL endpoints by sending crafted HTTP requests to a targeted web server. 

Additionally, a third vulnerability of critical severity, CVE-2025-20363, was patched. This vulnerability allows unauthenticated, remote threat actors to execute arbitrary code on Cisco ASA and FTD software, or authenticated, remote threat actors with low user privileges to execute arbitrary code on Cisco IOS, IOS XE, and IOS XR software. Cisco has not indicated that CVE-2025-20363 has been exploited in the wild at the time of writing. 

Resource link: https://arcticwolf.com/resources/blog-uk/cisco-patches-asa-ftd-and-ios-vulnerabilities-including-critical-and-exploited-flaws/

Note: Both are being exploited in the wild.

Please review the scope of work below prior to authorizing NCI to remediate.

Scope of work:

Upgrade to the latest fixed release.

Before upgrading the device to the latest fixed version, we will collect all artifacts and outputs outlined by CISA to determine whether there are signs of compromise on the Cisco device.

Remediation work is offered at a flat fee of $650.00 per device.

Please note: remediation and updates have the potential to cause other unforeseen issues or conflicts between software and/or hardware. If additional work is needed to get all systems and software to acceptable levels due to compatibility issues or conflicts, the time associated will be billed at time and materials.

By completing the following form, you agree to the scope of work and remediation estimate.

The form you are trying to access is now closed.

To submit a remediation request for Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD), please navigate to our Contact Us form. In your message, be sure to include the name of the vulnerability and specify that it is a remediation request.

We appreciate your understanding and look forward to assisting you with your request.