개요
Cisco 제품에서 발생하는 취약점을 해결하는 보안 업데이트를 발표하였습니다. 해당하는 제품 사용자는 최신 버전으로 업데이트 하시기 바랍니다.
대상 제품
CVE-2025-20333
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.12.0 이상 9.12.4.72 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.14.0 이상 9.14.4.28 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.16.0 이상 9.16.4.85 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.17.0 이상 9.17.1.45 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.18.0 이상 9.18.4.47 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.19.0 이상 9.19.1.37 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.20.0 이상 9.20.3.7 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.22.0 이상 9.22.1.3 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.0.0 이상 7.0.8.1 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.1.0 이상 7.2.9 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.2.0 이상 7.2.9 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.3.0 이상 7.4.2.4 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.4.0 이상 7.4.2.4 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.6.0 이상 7.6.1 미만
CVE-2025-20362
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.12.0 이상 9.12.4.72 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.14.0 이상 9.14.4.28 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.16.0 이상 9.16.4.85 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.17.0 이상 9.18.4.67 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.18.0 이상 9.18.4.67 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.19.0 이상 9.20.4.10 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.20.0 이상 9.20.4.10 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.22.0 이상 9.22.2.14 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.23.0 이상 9.23.1.19 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.0.0 이상 7.0.8.1 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.1.0 이상 7.2.10.2 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.2.0 이상 7.2.10.2 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.3.0 이상 7.4.2.4 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.4.0 이상 7.4.2.4 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.6.0 이상 7.6.2.1 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.7.0 이상 7.7.10.1 미만
CVE-2025-20363
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.12.0 이상 9.12.4.72 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.14.0 이상 9.14.4.28 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.16.0 이상 9.16.4.84 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.17.0 이상 9.18.4.57 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.18.0 이상 9.18.4.57 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.19.0 이상 9.19.1.42 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.20.0 이상 9.20.3.16 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.22.0 이상 9.22.2 미만
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.23.0 이상 9.23.1.3 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.0.0 이상 7.0.8 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.1.0 이상 7.2.10 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.2.0 이상 7.2.10 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.3.0 이상 7.4.2.3 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.4.0 이상 7.4.2.3 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.6.0 이상 7.6.1 미만
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.7.0 이상 7.7.10 미만
해결된 취약점
Cisco Secure Firewall Adaptive Security Appliance(ASA) Software 및 Cisco Secure Firewall Threat Defense(FTD) Software의 VPN 웹 서버에서 발생하는 원격 코드 실행 취약점(CVE-2025-20333)
Cisco Secure Firewall Adaptive Security Appliance(ASA) Software 및 Cisco Secure Firewall Threat Defense(FTD) Software의 VPN 웹 서버에서 발생하는 인증 우회 취약점(CVE-2025-20362)
Cisco Secure Firewall Adaptive Security Appliance(ASA) Software, Cisco Secure Firewall Threat Defense(FTD) Software, Cisco IOS Software, Cisco IOS XE Software 및 Cisco IOS XR Software의 웹 서비스에서 발생하는 원격 코드 실행 취약점(CVE-2025-20363)
취약점 패치
최신 업데이트를 통해 취약점 패치가 제공되었습니다. 참고 사이트의 안내에 따라 최신 취약점 패치 버전으로 업데이트 하시기 바랍니다.
CVE-2025-20333
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.12.4.72
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.14.4.28
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.16.4.85
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.17.1.45
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.18.4.47
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.19.1.37
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.20.3.7
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.22.1.3
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.0.8.1
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.2.9
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.4.2.4
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.6.1
CVE-2025-20362
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.12.4.72
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.14.4.28
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.16.4.85
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.18.4.67
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.20.4.10
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.22.2.14
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.23.1.19
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.0.8.1
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.2.10.2
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.4.2.4
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.6.2.1
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.7.10.1
CVE-2025-20363
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.12.4.72
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.14.4.28
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.16.4.84
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.18.4.57
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.19.1.42
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.20.3.16
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.22.2
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software 버전: 9.23.1.3
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.0.8
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.2.10
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.4.2.3
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.6.1
Cisco Secure Firewall Threat Defense (FTD) Software 버전: 7.7.10
참고사이트
[1] Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvp…
[2] Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-webvp…
[3] Cisco Secure Firewall Adaptive Security Appliance Software, Secure Firewall Threat Defense Software, IOS Software, IOS XE Software, and IOS XR Software Web Services Remote Code Execution Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-http-code-ex…