Threat Advisories - NVD Disclosed September 25, 2025

CVE-2025-20362

Cisco Firewall VPN Web Server Unauthorized Access Vulnerability.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A vulnerability in Cisco Secure Firewall VPN web servers allows unauthenticated attackers to access restricted URLs. This could lead to unauthorized access, impacting system availability and data confidentiality for affected organizations. Organizations should address this risk promptly.

NVD published: September 25, 2025 • CISA KEV

CVE advisoryKnown Exploit

CVE-2025-20333

Cisco Secure Firewall VPN Vulnerability Allows Code Execution.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

A vulnerability in Cisco Secure Firewall VPN web servers could allow an authenticated attacker to execute arbitrary code. This could lead to complete compromise of affected devices. The U.S. CISA has identified this as a known exploited vulnerability.

NVD published: September 25, 2025 • CISA KEV

CVE advisoryCRITICAL

CVE-2020-36851

Unauthenticated users can steal cloud credentials or access internal systems using this proxy.

Halo Surface Signal: 5 out of 5 — more likely to be public-facing.

Misconfigured cors-anywhere proxies can let attackers steal cloud credentials or access internal systems by tricking the proxy into making requests to any target.

NVD published: September 25, 2025