National CSIRT-CY | National Computer Security Incident Response Team of Cyprus

The National Computer Security Incident Response Team provides for increased electronic security by strengthening the protection of the cyberspace of the National Critical Information Infrastructures, the banks and the communication providers of the Republic of Cyprus.

Cisco ASA Firewall RCE Vulnerability

30 September 2025

The Digital Security Authority (DSA) would like to bring to your attention a vulnerability affecting Cisco ASA Firewall.

 

Technical Details

CVE-2025-20333, with a CVSS score of 9.9, is one of the recently disclosed security flaws that have been exploited in zero-day attacks targeting Cisco ASA Firewall devices.
An authenticated remote attacker can exploit this vulnerability by sending crafted HTTPS requests to an affected device, resulting in remote code execution.
Cisco has released new updates that remediate this vulnerability and is urging its users to apply the latest patches. There are no workarounds that address this vulnerability.

 

Recommendations

The Digital Security Authority recommends performing the necessary mitigation steps, which can be found on the Cisco site.

 


 

The information presented in this report is based on available data up to the 30th of September 2025. 
