Kevin BeaumontSep 25, 2025
If you like China goes brr and cyber willy waves, today will be a good day
Show threadKevin BeaumontSep 25, 2025

Three new CVEs for Cisco AnyConnect/ASA

CVE-2025-20333
CVE-2025-20363
CVE-2025-20362

Chained and under active exploitation since earlier in the year

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvpn-z5xP8EUB

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-exec-WmfP3h3O

#CyberWillyWave

Show threadKevin BeaumontSep 25, 2025
These are really important to patch btw, it's unauth RCE in Cisco AnyConnect/ASA and yes - zero day, despite the wording. China goes brrr, expect the interweb to get plastered with details soon. #CyberWillyWave
Show threadstarkzarn 

@GossiTheDog where are you getting the "unauth" data from? I still haven't seen anything from Cisco or any other threat intel sources that show that.

I look forward to your write-up/scan results/whatever. I'm just curious about the unauth portion, because that's a huge gap and the responsibility of Cisco to bear.

Sep 30, 2025 at 4:10pmWeb