{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T02:11:09.981","vulnerabilities":[{"cve":{"id":"CVE-2025-20251","sourceIdentifier":"psirt@cisco.com","published":"2025-08-14T17:15:38.547","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the Remote Access SSL VPN service for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to create or delete arbitrary files on the underlying operating system. If critical system files are manipulated, new Remote Access SSL VPN sessions could be denied and existing sessions could be dropped, causing a denial of service (DoS) condition. An exploited device requires a manual reboot to recover.\r\n\r\nThis vulnerability is due to insufficient input validation when processing HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to create or delete files on the underlying operating system, which could cause the Remote Access SSL VPN service to become unresponsive.\r\nTo exploit this vulnerability, the attacker must be authenticated as a VPN user of the affected device."},{"lang":"es","value":"Una vulnerabilidad en el servicio VPN SSL de acceso remoto para el software Cisco Secure Firewall Adaptive Security Appliance (ASA) y el software Cisco Secure Firewall Threat Defense (FTD) podría permitir que un atacante remoto autenticado cree o elimine archivos arbitrarios en el sistema operativo subyacente. Si se manipulan archivos críticos del sistema, se podrían denegar nuevas sesiones VPN SSL de acceso remoto y descartar las existentes, lo que causa una denegación de servicio (DoS). Un dispositivo vulnerable requiere un reinicio manual para recuperarse. Esta vulnerabilidad se debe a una validación de entrada insuficiente al procesar solicitudes HTTP. Un atacante podría explotar esta vulnerabilidad enviando solicitudes HTTP manipuladas a un dispositivo afectado. Una explotación exitosa podría permitir al atacante crear o eliminar archivos en el sistema operativo subyacente, lo que podría provocar que el servicio VPN SSL de acceso remoto deje de responder. Para explotar esta vulnerabilidad, el atacante debe estar autenticado como usuario VPN del dispositivo afectado."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"LOW","availabilityImpact":"HIGH"},"exploitabilityScore":3.1,"impactScore":4.7}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-1287"}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-http-file-hUyX2jL4","source":"psirt@cisco.com"}]}}]}