1.0 Introduction
Recently, Cisco has released security updates to address multiple vulnerabilities in its products.
2.0 Impact
Successful exploitation of these vulnerabilities could allow attackers to execute arbitrary code, cause denial-of-service (DoS) conditions, or perform malicious actions that could disrupt network security operations.
3.0 Affected Products
Critical Severity Vulnerabilities
- Cisco Secure Firewall Management Center Software – RADIUS Remote Code Execution Vulnerability – CVE-2025-20265
High Severity Vulnerabilities
- Cisco Secure Firewall Threat Defense Software – Snort 3 Denial of Service Vulnerability – CVE-2025-20217
- Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 2100 Series – IPv6 over IPsec Denial of Service Vulnerability – CVE[1]2025-20222
- Cisco Secure Firewall Management Center Software – HTML Injection Vulnerability – CVE[1]2025-20148
- Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software – Remote Access VPN Web Server Denial of Service Vulnerability – CVE-2025- 20244
- Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software – Remote Access SSL VPN Denial of Service Vulnerabilities – CVE-2025-20133, CVE-2025-20243
- Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software – SSL/TLS Certificate Denial of Service Vulnerability – CVE-2025-20134
- Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software – Network Address Translation DNS Inspection Denial of Service Vulnerability – CVE-2025-20136
- Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software – VPN Web Server Denial of Service Vulnerability – CVE-2025-20251
- Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software – IKEv2 Denial of Service Vulnerabilities – CVE-2025-20224, CVE-2025- 20225, CVE-2025-20239
- Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software – Web Services Denial of Service Vulnerability – CVE-2025-20263
- Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 3100 and 4200 Series – TLS 1.3 Cipher Denial of Service Vulnerability – CVE-2025-20127
4.0 Recommendations
CyberSecurity Malaysia encourages users and administrators to review the following advisories and apply the necessary updates:
Kindly, please refer to the URL below:
For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.
Generally, Cyber999 advises the users of these devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.
For further enquiries, please contact us through the following channels:
E-mail: cyber999[at]cybersecurity.my
Phone: 1-300-88-2999 (monitored during business hours)
Mobile: +60 19 2665850 (24x7 call incident reporting)
Business Hours: Mon - Fri 08:30 -17:30 MYT
Web: https://www.cybersecurity.my
5.0 References