CVE-2025-20263
BaseFortify
Publication date: 2025-08-14
Last updated on: 2025-08-15
Assigner: Cisco Systems, Inc.
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | secure_firewall_threat_defense | * |
| cisco | secure_firewall_adaptive_security_appliance | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-680 | The product performs a calculation to determine how much memory to allocate, but an integer overflow can occur that causes less memory to be allocated than expected, leading to a buffer overflow. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the web services interface of Cisco Secure Firewall ASA and FTD Software. It is caused by insufficient boundary checks on specific data sent to the interface. An unauthenticated remote attacker can exploit this by sending a specially crafted HTTP request, causing a buffer overflow on the system.
How can this vulnerability impact me?
Exploiting this vulnerability can cause the affected system to reload unexpectedly, resulting in a denial of service (DoS) condition. This means the firewall could become temporarily unavailable, potentially disrupting network security and operations.