Forum Discussion

Product Team

3 years ago

Ransomware Groups Reportedly Exploiting Zero-Day in Cisco...

Ransomware Groups Reportedly Exploiting Zero-Day in Cisco ASA/FTD (CVE-2023-20269) On September 6, Cisco published an advisory for a zero-day vulnerability in the Cisco Adaptive Security Appliance (...

Cyber Exposure Alerts

drrobbins

Connect Contributor

3 years ago

I believe this CVE now has patches, at least for some supported devices:

Example 9.12.4.62 was released to address this issue and is not affected:

https://sec.cloudapps.cisco.com/security/center/softwarechecker.x?productSelected=ASA&selectedMethod=A&captchaPage=true&platformCode=277437&versionNamesSelected=9.12.4.62&allAdvisoriesSelectedByTree=N&advisoryType=0&iosBundleId=cisco-sa-20230322-bundle&isFewCheckBoxChecked1=false&isNoneCheckBoxsChecked1=true#~onStep3

However, scans still do not recognize the update and mark a patched ASA as critically vulnerable. Can the plugins be updated? Thanks.

snarang

Product Team

3 years ago

Hi @Dustin Robbins ,

Thanks for sharing this with me. I will look into this further and get back to you.

Thanks,

Satnam

Forum Discussion

Ransomware Groups Reportedly Exploiting Zero-Day in Cisco...

Recent Discussions

FAQ on Exploited Zero-Day Flaws in Cisco ASA and FTD Devices (CVE-2025-20333, CVE-2025-20362)

Microsoft’s September 2025 Patch Tuesday Addresses 80 CVEs (CVE-2025-55234)

Frequently Asked Questions About Chinese State-Sponsored Actors Compromising Global Networks

CVE-2025-7775: Citrix NetScaler ADC and Gateway Zero-Day RCE Vulnerability Exploited in the Wild

CVE-2025-25256: Proof of Concept Released for Fortinet FortiSIEM Command Injection Vulnerability

Americas

Europe

Asia / Australia