Update on vulnerabilities impacting Cisco ASA and FTD devices
The Canadian Centre for Cyber Security (Cyber Centre) is aware of exploitation targeting Cisco Adaptive Security Appliance (ASA) 5500-X Series devices that are running Cisco Secure Firewall ASA Software with VPN web services enabled.
On September 25, 2025, Cisco published security advisories for critical vulnerabilities, CVE-2025-20333, CVE-2025-20362 and CVE-2025-20363, affecting certain ASA and Cisco Secure Firewall Threat Defense (FTD) software release products.
The new update covers additional affected products and versions.