Red Hot Cyber
Cybersecurity is about sharing. Recognize the risk, combat it, share your experiences, and encourage others to do better than you.
Cisco Addresses Critical Vulnerabilities in ASA and Unified Contact Center Express

Redazione RHC : 6 November 2025 21:15

Cisco recently announced the discovery of a new type of cyberattack aimed at compromising devices running Cisco Secure Firewall Adaptive Security Appliance (ASA) and Cisco Secure Firewall Threat Defense (FTD) software. The bugs discovered by security researcher Jahmel Harris are tracked under CVE-2025-20333 and CVE-2025-20362.

While successful exploitation of CVE-2025-20333 allows an attacker to execute arbitrary code as root using forged HTTP requests, CVE-2025-20362 allows an attacker to access a restricted URL without authentication. Affected products include:

  • Cisco Unified CCX Release 15.0 (fixed in 15.0 ES01)
  • Cisco Unified CCX Release 12.5 SU3 and earlier (fixed in 12.5 SU3 ES07)

The update comes as Cisco has addressed two critical security flaws in Unified Contact Center Express (Unified CCX) that could allow an unauthenticated, remote attacker to upload arbitrary files, bypass authentication, execute arbitrary commands, and elevate privileges to root.

“This attack can cause unpatched devices to unexpectedly reload, resulting in a denial of service (DoS) condition,” Cisco reports, warning companies to patch as soon as possible.

Both vulnerabilities were disclosed in late September 2025, but not before being exploited as zero-day vulnerabilities in attacks carrying malware such as RayInitiator and LINE VIPER, according to the UK’s National Cyber Security Centre (NCSC).

In addition to the two vulnerabilities, Cisco has released patches for a high severity DoS bug (CVE-2025-20343, CVSS score: 8.6) in Identity Services Engine (ISE) that could allow an unauthenticated, remote attacker to cause a vulnerable device to restart unexpectedly.

“This vulnerability is due to a logic error when processing a RADIUS access request for a MAC address that is already a rejected endpoint,” Cisco’s advisory states. “An attacker could exploit this vulnerability by sending a specific sequence of multiple, spoofed RADIUS access request messages to Cisco ISE.”

While there is no evidence that any of the three security flaws have been exploited indiscriminately, it is essential that users apply updates as soon as possible for optimal protection.

The editorial team of Red Hot Cyber consists of a group of individuals and anonymous sources who actively collaborate to provide early information and news on cybersecurity and computing in general.
