Cisco.ASA.FTD.HTTP_CONTENTTOBUFFER.Buffer.Overflow

Description

This indicates an attack attempt to exploit a Buffer Overflow vulnerability in Cisco Adaptive Security Appliance and Firepower Threat Defense.
The vulnerability is due to insufficient validation of user-supplied inputs. A remote attacker could exploit this vulnerability by sending a crafted request to the target device. Successful exploitation could lead to remote code execution.

Outbreak Alert

Critical zero-day vulnerabilities affecting Cisco Secure Firewall Adaptive Security Appliance (ASA) and Cisco Secure Firewall Threat Defense (FTD) software have been actively exploited in the wild. The campaign is widespread and involves exploiting zero-day vulnerabilities to gain unauthenticated remote code execution on ASAs, as well as manipulating read-only memory (ROM) to persist through reboot and system upgrade. This activity presents a significant risk to victim networks.

Affected Products

Cisco ASA software release 9.12 - versions prior to 9.12.4.72
Cisco ASA software release 9.14 - versions prior to 9.14.4.28
Cisco ASA software release 9.16 - versions prior to 9.16.4.85
Cisco ASA software release 9.17 - versions prior to 9.17.1.45
Cisco ASA software release 9.18 - versions prior to 9.18.4.67
Cisco ASA software release 9.19 - versions prior to 9.19.1.42
Cisco ASA software release 9.20 - versions prior to 9.20.4.10
Cisco ASA software release 9.22 - versions prior to 9.22.2.14
Cisco ASA software release 9.23 - versions prior to 9.23.1.19
Cisco FTD software release 7.0 - versions prior to 7.0.8.1
Cisco FTD software release 7.1 - all versions
Cisco FTD software release 7.2 - versions prior to 7.2.10.2
Cisco FTD software release 7.3 - all versions
Cisco FTD software release 7.4 - versions prior to 7.4.2.4
Cisco FTD software release 7.6 - versions prior to 7.6.2.1
Cisco FTD software release 7.7 - versions prior to 7.7.10.1
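
A version triage check built from the list above, as an added example (not Fortinet's or Cisco's code). The function names, variable names and inventory entries are constructed for illustration; accepting the parenthesised form such as 9.16(4)84 is an assumption about how a device may report its version.

```python
import re

# First release outside the affected range for each train, transcribed from
# the Affected Products list above. None = every version of the train is listed.
FIRST_UNAFFECTED = {
    "ASA": {(9, 12): (4, 72), (9, 14): (4, 28), (9, 16): (4, 85),
            (9, 17): (1, 45), (9, 18): (4, 67), (9, 19): (1, 42),
            (9, 20): (4, 10), (9, 22): (2, 14), (9, 23): (1, 19)},
    "FTD": {(7, 0): (8, 1), (7, 1): None, (7, 2): (10, 2), (7, 3): None,
            (7, 4): (2, 4), (7, 6): (2, 1), (7, 7): (10, 1)},
}

def parse_version(text):
    """Return the numeric fields of a version string as a tuple of ints.
    Handles the dotted form used on this page ("9.16.4.85") and, as an
    assumption, the parenthesised form ("9.16(4)85")."""
    fields = tuple(int(n) for n in re.findall(r"\d+", text))
    if len(fields) < 2:
        raise ValueError(f"not a version string: {text!r}")
    return fields

def classify(product, version):
    """Return 'affected', 'not-affected' or 'not-listed' for one device."""
    trains = FIRST_UNAFFECTED[product.upper()]
    fields = parse_version(version)
    train, rest = fields[:2], fields[2:]
    if train not in trains:
        return "not-listed"   # the list above says nothing about this train
    threshold = trains[train]
    if threshold is None:
        return "affected"     # "all versions"
    rest = (rest + (0, 0))[:2]   # pad so "9.12.4" compares as 9.12.4.0
    return "affected" if rest < threshold else "not-affected"

# Constructed inventory: (hostname, product, reported version).
INVENTORY = [
    ("fw-edge-01", "ASA", "9.16(4)84"),
    ("fw-edge-02", "ASA", "9.16.4.85"),
    ("fw-dc-01", "FTD", "7.1.0.3"),
    ("fw-lab-01", "ASA", "9.15.1.21"),
]

def triage(inventory):
    """Map each hostname to its classification."""
    return {host: classify(prod, ver) for host, prod, ver in inventory}

if __name__ == "__main__":
    for host, status in triage(INVENTORY).items():
        print(f"{host}: {status}")
```

A "not-listed" result means only that the train does not appear in the list above, so those devices need checking against the vendor advisory.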

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date        Version  Status    Detail
2025-12-16  35.135   Modified  Default_action:pass:drop
2025-12-05  35.128   New