Cisco Firewall Zero-Days Actively Exploited (CVE-2025-20333)

Cyber Security News by CyberSum.net

Published on October 1, 2025 at 06:04 PM

28 sources

Cisco has disclosed two critical zero-day vulnerabilities in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) firewalls that are being actively exploited. The flaws, tracked as CVE-2025-20333 and CVE-2025-20362, can lead to remote code execution and full system control. Security researchers report that nearly 50,000 internet-facing firewalls remain vulnerable worldwide. National security agencies have issued urgent advisories, linking the attacks to a sophisticated threat actor known for targeting network devices. Administrators are strongly advised to apply patches immediately to prevent attackers from bypassing perimeter defenses and compromising their networks.

Also Read

Battering RAM Attack Breaks Intel & AMD Memory Encryption

Researchers have developed a low-cost hardware attack called Battering RAM that defeats modern memory encryption technologies like Intel SGX and AMD SEV-SNP. The method uses a custom-built interposer, costing under $50, that sits between the CPU and system memory. This device remains dormant during system startup to pass security checks but can later be activated to maliciously redirect memory traffic. Once active, it captures encrypted data and replays it into an attacker's own secure environment, forcing the processor to decrypt the victim's sensitive information. This physical attack undermines the confidentiality and integrity guarantees of secure enclaves and virtual machines in cloud environments.

By Cyber Security News by CyberSum.netOctober 1, 2025 at 06:04 PM