CVE-2025-20333 - PatchNow

Data Source: CIRCL

Confidence: HIGH

Exploitation Method: DIRECT_NETWORK

📅 CVE Published: 2025-09-25

📅 Added to CISA KEV: 2025-09-25 0 DAY

Immediately update to fixed software versions as specified in Cisco advisory cisco-sa-asaftd-webvpn-z5xP8EUB
Monitor VPN web server logs for suspicious HTTP requests and authentication patterns
Consider temporarily disabling VPN web server functionality if patching cannot be done immediately
Implement additional network segmentation and monitoring around affected devices
Highest patch priority - treat as emergency due to active exploitation

Cisco Security Advisory
A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat ...
GitHub - omer-efe-curkus/CVE-2025-32433-Erlang-OTP...
CVE-2025-32433-Erlang-OTP-SSH-RCE-PoC. The vulnerability allows an attacker with network access to an Erlang/OTP SSH server to execute arbitrary code without prior authentication. Description.Vulnerability Check: Determine if a target is vulnerable to CVE-2025-32433. Exploit Execution: Execute arbitrary commands.
Known Exploited Vulnerabilities Catalog
CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild. Organizations should use the KEV catalog as an input to their ...
CISA Adds Four Known Exploited Vulnerabilities to Catalog
CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.
CISA Adds Six Known Exploited Vulnerabilities to Catalog
CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

🔴 CVE-2025-20333