A devastating zero-day vulnerability (CVE-2025-20333) is being actively exploited across thousands of Cisco firewalls worldwide. With a CVSS score of 9.9, this buffer overflow flaw lets authenticated attackers execute code with root privileges on Cisco ASA and FTD devices.
Over 48,800 unpatched systems were identified on September 29, with the US most affected. The vulnerability targets VPN web servers that millions of organizations use for remote access. Attackers need valid VPN credentials, then send malicious HTTP requests to gain complete firewall control.
Cisco confirms no workarounds exist and urges immediate patching. A second bug (CVE-2025-20362) allows unauthorized VPN access, making the situation worse.
Source: Cyber Security News