CVSS: 8.6EPSS: 0%CPEs: 668EXPL: 0CVE-2025-20239
https://notcve.org/view.php?id=CVE-2025-20239
14 Aug 2025 — A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance (ASA) Software, and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition. This vulnerability is due to a lack of proper processing of IKEv2 packets. ... In the case of Cis... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ios-dos-DOESHWHy •
CVSS: 5.8EPSS: 0%CPEs: 452EXPL: 0CVE-2025-20225
https://notcve.org/view.php?id=CVE-2025-20225
14 Aug 2025 — A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance (ASA) Software, and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition. This vulnerability is due to a lack of proper processing of IKEv2 packets. ... In the case of Cis... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ios-dos-DOESHWHy •
CVSS: 5.8EPSS: 0%CPEs: 314EXPL: 0CVE-2025-20224
https://notcve.org/view.php?id=CVE-2025-20224
14 Aug 2025 — A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition. This vulnerability is due to improper parsing of IKEv2 packets. An attacker could exploit this vulnerability by sending a continuous stream o... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ios-dos-DOESHWHy •
CVSS: 8.6EPSS: 0%CPEs: 88EXPL: 0CVE-2025-20222 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Buffer Vulnerability
https://notcve.org/view.php?id=CVE-2025-20222
14 Aug 2025 — A vulnerability in the RADIUS proxy feature for the IPsec VPN feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of IPv6 packets. ... A successful exploit could allow the attacker to trigger a reload of the device, resulting ... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fp2k-IPsec-dos-tjwgdZCO •
CVSS: 8.6EPSS: 0%CPEs: 29EXPL: 0CVE-2025-20217 – Cisco Firepower Threat Defense Intrusion Detection Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20217
14 Aug 2025 — A vulnerability in the packet inspection functionality of the Snort 3 Detection Engine of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incorrect processing of traffic that is inspected by an affected device. ... A successful exploit could allow the attacker to cause the affected device to enter a... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-dos-SvKhtjgt •
CVSS: 8.6EPSS: 0%CPEs: 300EXPL: 0CVE-2025-20136 – Cisco Adaptive Security Appliance and Firepower Threat Defense Software Network Address Translation DNS Inspection Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20136
14 Aug 2025 — A vulnerability in the function that performs IPv4 and IPv6 Network Address Translation (NAT) DNS inspection for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to an infinite loop condition that occurs when a Cisco Secure ... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-nat-dns-dos-bqhynHTM •
CVSS: 4.3EPSS: 0%CPEs: 300EXPL: 0CVE-2025-20135 – Cisco Adaptive Security Appliance and Firepower Threat Defense Software DHCP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20135
14 Aug 2025 — A vulnerability in the DHCP client functionality of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to exhaust available memory. This vulnerability is due to improper validation of incoming DHCP packets. ... A successful exploit could allow the attacker to exhaust available memory, which would affect availability of services and prevent new processes from starting, ... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-dhcp-qj7nGs4N •
CVSS: 7.7EPSS: 0%CPEs: 16EXPL: 0CVE-2025-20127 – Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 3100 and 4200 Series TLS Cipher Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20127
14 Aug 2025 — This vulnerability is due to the implementation of the TLS 1.3 Cipher TLS_CHACHA20_POLY1305_SHA256. An attacker could exploit this vulnerability by sending a large number of TLS 1.3 connections with the specific TLS 1.3 Cipher TLS_CHACHA20_POLY1305_SHA256. A successful exploit could allow the attacker to cause a denial of service (DoS) condition where no new incoming encrypted connections are accepted. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-3100_4200_tlsdos-2yNSCd54 •
CVSS: 8.6EPSS: 0%CPEs: 276EXPL: 0CVE-2025-20133 – Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Authentication Targeted Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20133
14 Aug 2025 — A vulnerability in the management and VPN web servers of the Remote Access SSL VPN feature of Cisco Secure Firewall ASA Software and Secure FTD Software could allow an unauthenticated, remote attacker to cause the device to unexpectedly stop responding, resulting in a DoS condition. This vulnerability is due to ineffective validation of user-supplied input during the Remote Access SSL VPN authentication process. An attacker could exploit this vulnerability by sendin... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-vpn-dos-mfPekA6e •
CVSS: 8.6EPSS: 0%CPEs: 32EXPL: 0CVE-2025-20134 – Cisco Adaptive Security Appliance and Firepower Threat Defense Software SSL/TLS Certificate Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20134
14 Aug 2025 — A vulnerability in the certificate processing of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper parsing of SSL/TLS certificates. ... A successful exploit could allow the attacker to cause the devic... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssltls-dos-eHw76vZe •