Cisco ASA and FTD zero-day patch release (CVE-2025-20333, CVE-2025-20362)

Security Patch Release
Happening score: 59
2 unique sources, 4 articles

Summary

Cisco warned that CVE-2025-20333 and CVE-2025-20362 in Cisco Secure Firewall ASA and Cisco Secure Firewall FTD remain part of an active exploitation thread, and on November 5, 2025 Cisco said a new attack variant can force affected devices into unexpected reloads and DoS conditions. The original September 25 security updates addressed the two flaws, which can be chained to enable unauthenticated access to restricted endpoints and remote code execution on vulnerable systems. CISA issued an emergency directive for U.S. federal agencies, and Shadowserver tracked over 34,000 exposed ASA and FTD instances vulnerable to the same CVEs.

Related Happenings

Cisco Secure Workload REST API patch release (CVE-2026-20223)

Security Patch Release
First: 22.05.2026 08:36 Last: 22.05.2026 08:36 Sources 1

About this happening: Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...

Cisco ThousandEyes and Nexus security patches

Security Patch Release
First: 21.05.2026 15:04 Last: 21.05.2026 15:04 Sources 1

About this happening: Cisco released patches for **three medium-severity vulnerabilities** affecting **ThousandEyes Virtual Appliance**, **ThousandEyes Enterprise Agent**, and **Nexus 3000/9000 switche...

ChromaDB Python API exposure mitigation (CVE-2026-45829)

Advisory/Mitigation
First: 20.05.2026 01:25 Last: 20.05.2026 01:25 Sources 1

About this happening: **HiddenLayer** urged **ChromaDB** users to harden exposed deployments because **CVE-2026-45829** can still enable code execution on the **Python FastAPI** server. Until patch sta...

CISA KEV remediation order for Cisco Catalyst SD-WAN Controller CVE-2026-20182

Public Sector Action
First: 15.05.2026 08:28 Last: 15.05.2026 08:28 Sources 1

About this happening: **CISA** added **CVE-2026-20182** to the **KEV catalog** and ordered **Federal Civilian Executive Branch agencies** to remediate **Cisco Catalyst SD-WAN Controller** by **May 17,...

Cisco security patch release for CVE-2026-20182

Security Patch Release
First: 14.05.2026 20:45 Last: 14.05.2026 20:45 Sources 1

About this happening: Cisco released **updates** for **CVE-2026-20182**, a **maximum-severity authentication bypass** in **Catalyst SD-WAN Controller/Manager**, after the flaw was **exploited in limite...

Timeline

  1. 07.11.2025 17:44 1 article · 6mo ago

    Cisco detects new ASA and FTD reboot-loop attack variant

    Exploitation Observed

    Cisco became aware on November 5, 2025, of a new attack variant targeting Cisco Secure ASA Software and Cisco Secure FTD Software releases affected by CVE-2025-20333 and CVE-2025-20362, and the attack can cause unpatched devices to unexpectedly reload into denial-of-service conditions.

  2. 25.09.2025 19:49 4 articles · 8mo ago

    Cisco warns on exploited ASA and FTD zero-days

    Initial Disclosure

    Cisco warned customers to patch two actively exploited zero-day vulnerabilities in Adaptive Security Appliance (ASA) and Firewall Threat Defense (FTD) software, identified as CVE-2025-20333 and CVE-2025-20362. Cisco Product Security Incident Response Team (PSIRT) said it was aware of attempted exploitation and urged customers to upgrade to a fixed software release to remediate the flaws. The same security advisories also noted a separate critical vulnerability, CVE-2025-20363, in firewall and Cisco IOS software.
