Cisco security advisory (AV25-619) – Update 1

Serial number: AV25-619
Date: September 25, 2025
Updated: November 6, 2025

On September 25, 2025, Cisco published security advisories to address critical vulnerabilities in the following products:

  • Cisco ASA software release 9.12 – versions prior to 9.12.4.72
  • Cisco ASA software release 9.14 – versions prior to 9.14.4.28
  • Cisco ASA software release 9.16 – versions prior to 9.16.4.85
  • Cisco ASA software release 9.17 – versions prior to 9.17.1.45
  • Cisco ASA software release 9.18 – versions prior to 9.18.4.67
  • Cisco ASA software release 9.19 – versions prior to 9.19.1.42
  • Cisco ASA software release 9.20 – versions prior to 9.20.4.10
  • Cisco ASA software release 9.22 – versions prior to 9.22.2.14
  • Cisco ASA software release 9.23 – versions prior to 9.23.1.19
     
  • Cisco FTD software release 7.0 – versions prior to 7.0.8.1
  • Cisco FTD software release 7.1 – all versions
  • Cisco FTD software release 7.2 – versions prior to 7.2.10.2
  • Cisco FTD software release 7.3 – all versions
  • Cisco FTD software release 7.4 – versions prior to 7.4.2.4
  • Cisco FTD software release 7.6 – versions prior to 7.6.2.1
  • Cisco FTD software release 7.7 – versions prior to 7.7.10.1

Update 1

On November 5, 2025, Cisco updated their security advisory to raise awareness of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and CVE-2025-20362. This new attack variant may impact unpatched devices, causing them to unexpectedly reload leading to denial of service (DoS) conditions.

The Cyber Centre encourages users and administrators to review the web links provided, perform the suggested mitigations and apply the necessary updates if available.

Date modified: