Summary A high-severity vulnerability (CVSS 9.9) has been disclosed in the VPN web server component of Cisco Secure Firewall ASA and FTD software. An authenticated attacker (i.e. one possessing valid VPN credentials) can send specially crafted HTTP(S) requests that bypass input validation and lead to remote code execution as root. This means full device compromise... The post CVE-2025-20333: Authenticated RCE in Cisco ASA / FTD VPN Web Server appeared first on IONIX.
