{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-19T13:54:20.421","vulnerabilities":[{"cve":{"id":"CVE-2025-20252","sourceIdentifier":"psirt@cisco.com","published":"2025-08-14T17:15:38.767","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition.\r\n\r This vulnerability is due to improper parsing of IKEv2 packets. An attacker could exploit this vulnerability by sending a continuous stream of crafted IKEv2 packets to an affected device. A successful exploit could allow the attacker to partially exhaust system memory, causing system instability like being unable to establish new IKEv2 VPN sessions. A manual reboot of the device is required to recover from this condition."},{"lang":"es","value":"Una vulnerabilidad en el módulo Intercambio de Claves de Internet Versión 2 (IKEv2) del software Cisco Secure Firewall Adaptive Security Appliance (ASA) y del software Secure Firewall Threat Defense (FTD) podría permitir que un atacante remoto no autenticado provoque una fuga de memoria, lo que resulta en una denegación de servicio (DoS). Esta vulnerabilidad se debe a un análisis incorrecto de paquetes IKEv2. Un atacante podría explotarla enviando un flujo continuo de paquetes IKEv2 manipulados a un dispositivo afectado. Una explotación exitosa podría permitir al atacante agotar parcialmente la memoria del sistema, lo que causaría inestabilidad, como la imposibilidad de establecer nuevas sesiones VPN IKEv2. Es necesario reiniciar el dispositivo manualmente para solucionar este problema."}],"metrics":{"cvssMetricV31":[{"source":"psirt@cisco.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L","baseScore":5.8,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"LOW"},"exploitabilityScore":3.9,"impactScore":1.4}]},"weaknesses":[{"source":"psirt@cisco.com","type":"Secondary","description":[{"lang":"en","value":"CWE-401"}]}],"references":[{"url":"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ios-dos-DOESHWHy","source":"psirt@cisco.com"}]}}]}