{ "document" : { "aggregate_severity" : { "text" : "kritisch" }, "category" : "csaf_base", "csaf_version" : "2.0", "distribution" : { "tlp" : { "label" : "WHITE", "url" : "https://www.first.org/tlp/" } }, "lang" : "de-DE", "notes" : [ { "category" : "legal_disclaimer", "text" : "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen." }, { "category" : "description", "text" : "Die Cisco ASA Appliance bietet Funktionen zur Sicherung von Anwendungssoftware, wie beispielsweise Firewall oder VPN.\r\nCisco Secure Firewall Threat Defense ist eine Sicherheitslösung, die Funktionen wie Firewall, Intrusion Prevention und erweiterten Malware-Schutz in einer einzigen Appliance integriert.\r\nCisco Internetwork Operating System (IOS) ist ein Betriebssystem, das für Cisco Geräte wie z. B. Router und Switches eingesetzt wird.", "title" : "Produktbeschreibung" }, { "category" : "summary", "text" : "Ein entfernter, authentisierter oder anonymer Angreifer kann mehrere Schwachstellen in Cisco ASA (Adaptive Security Appliance), Cisco Secure Firewall Threat Defense, Cisco IOS, Cisco IOS XE und Cisco IOS XR ausnutzen, um die Authentisierung zu umgehen und beliebigen Programmcode mit Administratorrechten auszuführen.", "title" : "Angriff" }, { "category" : "general", "text" : "- CISCO Appliance", "title" : "Betroffene Betriebssysteme" } ], "publisher" : { "category" : "other", "contact_details" : "csaf-provider@cert-bund.de", "name" : "Bundesamt für Sicherheit in der Informationstechnik", "namespace" : "https://www.bsi.bund.de" }, "references" : [ { "category" : "self", "summary" : "WID-SEC-W-2025-2142 - CSAF Version", "url" : "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2142.json" }, { "category" : "self", "summary" : "WID-SEC-2025-2142 - Portal Version", "url" : "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2142" }, { "category" : "external", "summary" : "Cisco Security Advisory cisco-sa-asaftd-webvpn-z5xP8EUB vom 2025-09-25", "url" : "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB" }, { "category" : "external", "summary" : "Cisco Security Advisory cisco-sa-asaftd-webvpn-YROOTUW vom 2025-09-25", "url" : "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-YROOTUW" }, { "category" : "external", "summary" : "Cisco Security Advisory cisco-sa-http-code-exec-WmfP3h3O vom 2025-09-25", "url" : "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-exec-WmfP3h3O" }, { "category" : "external", "summary" : "CISA Known Exploited Vulnerabilities Catalog vom 2025-09-25", "url" : "https://www.cisa.gov/known-exploited-vulnerabilities-catalog" } ], "source_lang" : "en-US", "title" : "Cisco ASA, FTD, IOS, IOS XE, IOS XR: Mehrere Schwachstellen", "tracking" : { "current_release_date" : "2025-09-25T22:00:00.000+00:00", "generator" : { "date" : "2025-09-26T10:01:15.085+00:00", "engine" : { "name" : "BSI-WID", "version" : "1.4.0" } }, "id" : "WID-SEC-W-2025-2142", "initial_release_date" : "2025-09-25T22:00:00.000+00:00", "revision_history" : [ { "date" : "2025-09-25T22:00:00.000+00:00", "number" : "1", "summary" : "Initiale Fassung" } ], "status" : "final", "version" : "1" } }, "product_tree" : { "branches" : [ { "branches" : [ { "branches" : [ { "category" : "product_name", "name" : "Cisco ASA (Adaptive Security Appliance)", "product" : { "name" : "Cisco ASA (Adaptive Security Appliance)", "product_id" : "T047186", "product_identification_helper" : { "cpe" : "cpe:/h:cisco:adaptive_security_appliance:-" } } }, { "category" : "product_version_range", "name" : "<9.16.4.85", "product" : { "name" : "Cisco ASA (Adaptive Security Appliance) <9.16.4.85", "product_id" : "T047192" } }, { "category" : "product_version", "name" : "9.16.4.85", "product" : { "name" : "Cisco ASA (Adaptive Security Appliance) 9.16.4.85", "product_id" : "T047192-fixed", "product_identification_helper" : { "cpe" : "cpe:/h:cisco:adaptive_security_appliance:9.16.4.85" } } }, { "category" : "product_version_range", "name" : "<9.18.4.67", "product" : { "name" : "Cisco ASA (Adaptive Security Appliance) <9.18.4.67", "product_id" : "T047193" } }, { "category" : "product_version", "name" : "9.18.4.67", "product" : { "name" : "Cisco ASA (Adaptive Security Appliance) 9.18.4.67", "product_id" : "T047193-fixed", "product_identification_helper" : { "cpe" : "cpe:/h:cisco:adaptive_security_appliance:9.18.4.67" } } }, { "category" : "product_version_range", "name" : "<9.20.4.10", "product" : { "name" : "Cisco ASA (Adaptive Security Appliance) <9.20.4.10", "product_id" : "T047194" } }, { "category" : "product_version", "name" : "9.20.4.10", "product" : { "name" : "Cisco ASA (Adaptive Security Appliance) 9.20.4.10", "product_id" : "T047194-fixed", "product_identification_helper" : { "cpe" : "cpe:/h:cisco:adaptive_security_appliance:9.20.4.10" } } }, { "category" : "product_version_range", "name" : "<9.22.2.14", "product" : { "name" : "Cisco ASA (Adaptive Security Appliance) <9.22.2.14", "product_id" : "T047195" } }, { "category" : "product_version", "name" : "9.22.2.14", "product" : { "name" : "Cisco ASA (Adaptive Security Appliance) 9.22.2.14", "product_id" : "T047195-fixed", "product_identification_helper" : { "cpe" : "cpe:/h:cisco:adaptive_security_appliance:9.22.2.14" } } }, { "category" : "product_version_range", "name" : "<9.23.1.19", "product" : { "name" : "Cisco ASA (Adaptive Security Appliance) <9.23.1.19", "product_id" : "T047196" } }, { "category" : "product_version", "name" : "9.23.1.19", "product" : { "name" : "Cisco ASA (Adaptive Security Appliance) 9.23.1.19", "product_id" : "T047196-fixed", "product_identification_helper" : { "cpe" : "cpe:/h:cisco:adaptive_security_appliance:9.23.1.19" } } }, { "category" : "product_version_range", "name" : "<9.12.4.72", "product" : { "name" : "Cisco ASA (Adaptive Security Appliance) <9.12.4.72", "product_id" : "T047197" } }, { "category" : "product_version", "name" : "9.12.4.72", "product" : { "name" : "Cisco ASA (Adaptive Security Appliance) 9.12.4.72", "product_id" : "T047197-fixed", "product_identification_helper" : { "cpe" : "cpe:/h:cisco:adaptive_security_appliance:9.12.4.72" } } }, { "category" : "product_version_range", "name" : "<9.14.4.28", "product" : { "name" : "Cisco ASA (Adaptive Security Appliance) <9.14.4.28", "product_id" : "T047198" } }, { "category" : "product_version", "name" : "9.14.4.28", "product" : { "name" : "Cisco ASA (Adaptive Security Appliance) 9.14.4.28", "product_id" : "T047198-fixed", "product_identification_helper" : { "cpe" : "cpe:/h:cisco:adaptive_security_appliance:9.14.4.28" } } } ], "category" : "product_name", "name" : "ASA (Adaptive Security Appliance)" }, { "category" : "product_name", "name" : "Cisco IOS", "product" : { "name" : "Cisco IOS", "product_id" : "T047189", "product_identification_helper" : { "cpe" : "cpe:/o:cisco:ios:-" } } }, { "category" : "product_name", "name" : "Cisco IOS XE", "product" : { "name" : "Cisco IOS XE", "product_id" : "T047190", "product_identification_helper" : { "cpe" : "cpe:/o:cisco:ios_xe:-" } } }, { "category" : "product_name", "name" : "Cisco IOS XR", "product" : { "name" : "Cisco IOS XR", "product_id" : "T047191", "product_identification_helper" : { "cpe" : "cpe:/o:cisco:ios_xr:-" } } }, { "branches" : [ { "category" : "product_name", "name" : "Cisco Secure Firewall Threat Defense", "product" : { "name" : "Cisco Secure Firewall Threat Defense", "product_id" : "T047187", "product_identification_helper" : { "cpe" : "cpe:/a:cisco:secure_firewall_threat_defense:-" } } }, { "category" : "product_version_range", "name" : "<7.0.8.1", "product" : { "name" : "Cisco Secure Firewall Threat Defense <7.0.8.1", "product_id" : "T047199" } }, { "category" : "product_version", "name" : "7.0.8.1", "product" : { "name" : "Cisco Secure Firewall Threat Defense 7.0.8.1", "product_id" : "T047199-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:cisco:secure_firewall_threat_defense:7.0.8.1" } } }, { "category" : "product_version_range", "name" : "<7.2.10.2", "product" : { "name" : "Cisco Secure Firewall Threat Defense <7.2.10.2", "product_id" : "T047200" } }, { "category" : "product_version", "name" : "7.2.10.2", "product" : { "name" : "Cisco Secure Firewall Threat Defense 7.2.10.2", "product_id" : "T047200-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:cisco:secure_firewall_threat_defense:7.2.10.2" } } }, { "category" : "product_version_range", "name" : "<7.4.2.4", "product" : { "name" : "Cisco Secure Firewall Threat Defense <7.4.2.4", "product_id" : "T047201" } }, { "category" : "product_version", "name" : "7.4.2.4", "product" : { "name" : "Cisco Secure Firewall Threat Defense 7.4.2.4", "product_id" : "T047201-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:cisco:secure_firewall_threat_defense:7.4.2.4" } } }, { "category" : "product_version_range", "name" : "<7.6.2.1", "product" : { "name" : "Cisco Secure Firewall Threat Defense <7.6.2.1", "product_id" : "T047202" } }, { "category" : "product_version", "name" : "7.6.2.1", "product" : { "name" : "Cisco Secure Firewall Threat Defense 7.6.2.1", "product_id" : "T047202-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:cisco:secure_firewall_threat_defense:7.6.2.1" } } }, { "category" : "product_version_range", "name" : "<7.7.10.1", "product" : { "name" : "Cisco Secure Firewall Threat Defense <7.7.10.1", "product_id" : "T047203" } }, { "category" : "product_version", "name" : "7.7.10.1", "product" : { "name" : "Cisco Secure Firewall Threat Defense 7.7.10.1", "product_id" : "T047203-fixed", "product_identification_helper" : { "cpe" : "cpe:/a:cisco:secure_firewall_threat_defense:7.7.10.1" } } } ], "category" : "product_name", "name" : "Secure Firewall Threat Defense" } ], "category" : "vendor", "name" : "Cisco" } ] }, "vulnerabilities" : [ { "cve" : "CVE-2025-20333", "product_status" : { "known_affected" : [ "T047192", "T047195", "T047196", "T047193", "T047194", "T047199", "T047200", "T047186", "T047197", "T047187", "T047198", "T047203", "T047201", "T047202" ] }, "release_date" : "2025-09-25T22:00:00.000+00:00", "title" : "CVE-2025-20333" }, { "cve" : "CVE-2025-20362", "product_status" : { "known_affected" : [ "T047192", "T047195", "T047196", "T047193", "T047194", "T047199", "T047200", "T047186", "T047197", "T047187", "T047198", "T047203", "T047201", "T047202" ] }, "release_date" : "2025-09-25T22:00:00.000+00:00", "title" : "CVE-2025-20362" }, { "cve" : "CVE-2025-20363", "product_status" : { "known_affected" : [ "T047191", "T047192", "T047190", "T047195", "T047196", "T047193", "T047194", "T047199", "T047189", "T047200", "T047186", "T047197", "T047187", "T047198", "T047203", "T047201", "T047202" ] }, "release_date" : "2025-09-25T22:00:00.000+00:00", "title" : "CVE-2025-20363" } ] }