Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2025/VULN645
_____________________________________________________________________

DATE                : 25/09/2025

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Cisco Secure Firewall Adaptive 
Security Appliance Software, Secure Firewall Threat Defense Software,
          IOS Software, IOS XE Software, and IOS XR Software.

=====================================================================
https://sec.cloudapps.cisco.com/security/center/publicationListing.x
_____________________________________________________________________

Below is the list of Cisco Security Advisories published by Cisco
PSIRT on 2025-September-25.
 
The following PSIRT security advisories (2 Critical, 1 Medium) were
published at 16:00 UTC today.

Table of Contents:

1) Cisco Secure Firewall Adaptive Security Appliance Software and
Secure Firewall Threat Defense Software VPN Web Server Remote Code
Execution Vulnerability - SIR: Critical

2) Cisco Secure Firewall Adaptive Security Appliance Software,
Secure Firewall Threat Defense Software, IOS Software, IOS XE
Software, and IOS XR Software Web Services Remote Code Execution
Vulnerability - SIR: Critical

3) Cisco Secure Firewall Adaptive Security Appliance Software and
Secure Firewall Threat Defense Software VPN Web Server
Unauthorized Access Vulnerability - SIR: Medium

+--------------------------------------------------------------------

1) Cisco Secure Firewall Adaptive Security Appliance Software and
Secure Firewall Threat Defense Software VPN Web Server Remote Code
Execution Vulnerability

CVE-2025-20333

SIR: Critical

CVSS Score v(3.1): 9.9

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB"]

+--------------------------------------------------------------------

2) Cisco Secure Firewall Adaptive Security Appliance Software,
Secure Firewall Threat Defense Software, IOS Software, IOS XE
Software, and IOS XR Software Web Services Remote Code Execution
Vulnerability

CVE-2025-20363

SIR: Critical

CVSS Score v(3.1): 9.0

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-exec-WmfP3h3O ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-exec-WmfP3h3O"]

+--------------------------------------------------------------------

3) Cisco Secure Firewall Adaptive Security Appliance Software
and Secure Firewall Threat Defense Software VPN Web Server
Unauthorized Access Vulnerability

CVE-2025-20362

SIR: Medium

CVSS Score v(3.1): 6.5

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-YROOTUW ["https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-YROOTUW"]


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================