CVE-2025-20263

CVSS v3 8.6 HIGH

8.6^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 4.0

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

A

vulnerability in the web services interface of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system.  This vulnerability is due to insufficient boundary checks for specific data that is provided to the web services interface of an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected system. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected system, which could cause the system to reload, resulting in a denial of service (DoS) condition.

References

Link	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-buffer-overflow-PyRUhWBC

Configurations

No configuration.

History

15 Aug 2025, 13:12

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-14 17:15

Updated : 2025-08-15 13:12

NVD link : CVE-2025-20263

Mitre link : CVE-2025-20263

CVE.ORG link : CVE-2025-20263

JSON object : View

Products Affected

No product.

CWE

CWE-680

Integer Overflow to Buffer Overflow

{"id": "CVE-2025-20263", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.6, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 3.9}]}, "published": "2025-08-14T17:15:39.470", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-buffer-overflow-PyRUhWBC", "source": "[email protected]"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-680"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the web services interface of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. \r\n\r\nThis vulnerability is due to insufficient boundary checks for specific data that is provided to the web services interface of an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected system. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected system, which could cause the system to reload, resulting in a denial of service (DoS) condition."}, {"lang": "es", "value": "Una vulnerabilidad en la interfaz de servicios web del software Cisco Secure Firewall Adaptive Security Appliance (ASA) y del software Cisco Secure Firewall Threat Defense (FTD) podr\u00eda permitir que un atacante remoto no autenticado provoque un desbordamiento de b\u00fafer en un sistema afectado. Esta vulnerabilidad se debe a comprobaciones de los l\u00edmites insuficientes para datos espec\u00edficos que se proporcionan a la interfaz de servicios web de un sistema afectado. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una solicitud HTTP manipulada al sistema afectado. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante provocar un desbordamiento de b\u00fafer en el sistema afectado, lo que podr\u00eda provocar la recarga del sistema y provocar una denegaci\u00f3n de servicio (DoS)."}], "lastModified": "2025-08-15T13:12:51.217", "sourceIdentifier": "[email protected]"}