CVE-2025-20362

설명

Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and CVE-2025-20362. This attack can cause unpatched devices to unexpectedly reload, leading to denial of service (DoS) conditions. Cisco strongly recommends that all customers upgrade to the fixed software releases that are listed in the Fixed Software ["#fs"] section of this advisory. A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisc...

영향 제품·버전

공급사 Cisco

제품 Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense

영향 버전 9.8.1, 9.8.1.5, 9.8.1.7, 9.8.2, 9.8.2.8, 9.8.2.14, 9.8.2.15, 9.8.2.17, 9.8.2.20, 9.8.2.24, 9.8.2.26, 9.8.2.28, 9.8.2.33, 9.8.2.35, 9.8.2.38, 9.8.3.8, 9.8.3.11, 9.8.3.14, 9.8.3.16, 9.8.3.18

수정 버전 9.12.4.72, 9.14.4.28, 9.16.4.85, 9.18.4.67, 9.20.4.10, 9.22.2.14, 9.23.1.19, 7.0.8.1, 7.2.10.2, 7.4.2.4, 7.6.2.1, 7.7.10.1

조치 방법

• 공급사가 제공한 최신 보안 업데이트 적용
• 자사 보유 제품과 영향 버전의 일치 여부 확인
• 외부 노출 서비스와 비정상 인증·접속 로그 점검
• 패치가 어려우면 공급사 완화조치와 접근통제 적용

기술 정보

CVSS 벡터 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

CWE CWE-862

KEV 등록일 2025.09.25

랜섬웨어 캠페인 사용 미확인

CISA 비고 CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-25-03-core-dump-and-hunt-instructions ; https://www.cisa.gov/eviction-strategies-tool/create-from-template ; https://sec.cloudapps.cisco.com/security/center/resources/asa_ftd_continued_attacks ; https://sec.cloudapps.cisco.com/security/center/private/resources/asa_ftd_continued_attacks#Details ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-YROOTUW ; https://nvd.nist.gov/vuln/detail/CVE-2025-20362

EPSS 데이터 기준일 2026.06.27