FAQ on Exploited Zero-Day Flaws in Cisco ASA and FTD Devices (CVE-2025-20333, CVE-2025-20362)

On September 25, Cisco published three advisories for three zero-day vulnerabilities in its Cisco Adaptive Security Appliance (ASA) Software and Firewall Threat Defense (FTD) Software:

CVE	Description	CVSSv3	Exploited
CVE-2025-20333	Cisco ASA and FTD Software VPN Web Server Remote Code Execution Vulnerability (RCE)	9.9	Yes
CVE-2025-20362	Cisco ASA and FTD Software VPN Web Server Unauthorized Access Vulnerability	6.5	Yes
CVE-2025-20363	Cisco ASA and FTD Software, IOS Software, IOS XE Software, and IOS XR Software Web Services	9.0	No

According to Cisco, two of the three zero-day vulnerabilities were exploited in the wild by the same threat actor behind 2024's ArcaneDoor campaign that also involved the exploitation of flaws in Cisco devices.

For more information about the vulnerability, including the availability of patches and Tenable product coverage, please visit our blog.

Cisco

Cyber Exposure Alerts

Vulnerability watch

Vulnerability Watch

Forum Discussion

FAQ on Exploited Zero-Day Flaws in Cisco ASA and FTD Devices (CVE-2025-20333, CVE-2025-20362)

Recent Discussions

CVE-2025-64446: Fortinet FortiWeb Zero-Day Path Traversal Vulnerability Exploited in the Wild

Microsoft’s November 2025 Patch Tuesday Addresses 63 CVEs

Oracle October 2025 Critical Patch Update Addresses 170 CVEs

Frequently Asked Questions About The August 2025 F5 Security Incident

Microsoft’s October 2025 Patch Tuesday Addresses 167 CVEs (CVE-2025-24990, CVE-2025-59230)

Americas

Europe

Asia / Australia