CVE-2025-20251 HIGH

CVE-2025-20251: Cisco Secure Firewall Adaptive Security Appliance and Cisco Secure Firewall Threat Defense Software Authenticated Arbitrary File Deletion

Vendor Cisco
Product Cisco Adaptive Security Appliance (ASA) Software
Weakness CWE-1287
Published August 14, 2025
Last update August 14, 2025

CVSS base score

8.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H

What the vulnerability does

01Description

A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to create or delete arbitrary files on the underlying operating system. If critical system files are manipulated, new Remote Access SSL VPN sessions could be denied and existing sessions could be dropped, causing a denial of service (DoS) condition. An exploited device requires a manual reboot to recover. This vulnerability is due to insufficient input validation when processing HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to create or delete files on the underlying operating system, which could cause the Remote Access SSL VPN service to become unresponsive. To exploit this vulnerability, the attacker must be authenticated as a VPN user of the affected device.

Key dates

02Disclosure timeline

August 14, 2025 CVE published
August 14, 2025 Record updated