CVE-2025-20134
BaseFortify
Publication date: 2025-08-14
Last updated on: 2025-08-19
Assigner: Cisco Systems, Inc.
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | secure_firewall_ftd_software | * |
| cisco | secure_firewall_asa_software | * |
| cisco | secure_firewall_ftd_software | 7.0 |
| cisco | secure_firewall_asa_software | 9.16 |
| cisco | secure_firewall_ftd_software | 6.7 |
| cisco | secure_firewall_asa_software | 9.15 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-415 | The product calls free() twice on the same memory address. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the certificate processing of Cisco Secure Firewall ASA and FTD software. It occurs due to improper parsing of SSL/TLS certificates, allowing an unauthenticated remote attacker to send a specially crafted SSL/TLS certificate to the device. This can cause the device to reload unexpectedly, leading to a denial of service (DoS) condition.
How can this vulnerability impact me?
The vulnerability can impact you by causing the affected Cisco firewall device to reload unexpectedly when exploited. This results in a denial of service (DoS) condition, potentially disrupting network security and availability.