CVE-2025-20183

Summary

A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an endpoint. 

The vulnerability is due to improper handling of a crafted range request header. An attacker could exploit this vulnerability by sending an HTTP request with a crafted range request header through the affected device. A successful exploit could allow the attacker to evade the antivirus scanner and download malware onto the endpoint without detection by Cisco Secure Web Appliance.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco Secure Web Appliance11.8.0-453affected
CiscoCisco Secure Web Appliance12.5.3-002affected
CiscoCisco Secure Web Appliance12.0.3-007affected
CiscoCisco Secure Web Appliance12.0.3-005affected
CiscoCisco Secure Web Appliance14.1.0-032affected
CiscoCisco Secure Web Appliance14.1.0-047affected
CiscoCisco Secure Web Appliance14.1.0-041affected
CiscoCisco Secure Web Appliance12.0.4-002affected
CiscoCisco Secure Web Appliance14.0.2-012affected
CiscoCisco Secure Web Appliance11.8.0-414affected
CiscoCisco Secure Web Appliance12.0.1-268affected
CiscoCisco Secure Web Appliance11.8.1-023affected
CiscoCisco Secure Web Appliance11.8.3-021affected
CiscoCisco Secure Web Appliance11.8.3-018affected
CiscoCisco Secure Web Appliance12.5.1-011affected
CiscoCisco Secure Web Appliance11.8.4-004affected
CiscoCisco Secure Web Appliance12.5.2-007affected
CiscoCisco Secure Web Appliance12.5.2-011affected
CiscoCisco Secure Web Appliance14.5.0-498affected
CiscoCisco Secure Web Appliance12.5.4-005affected
CiscoCisco Secure Web Appliance12.5.4-011affected
CiscoCisco Secure Web Appliance12.0.5-011affected
CiscoCisco Secure Web Appliance14.0.3-014affected
CiscoCisco Secure Web Appliance12.5.5-004affected
CiscoCisco Secure Web Appliance12.5.5-005affected
CiscoCisco Secure Web Appliance12.5.5-008affected
CiscoCisco Secure Web Appliance14.0.4-005affected
CiscoCisco Secure Web Appliance14.5.1-008affected
CiscoCisco Secure Web Appliance14.5.1-016affected
CiscoCisco Secure Web Appliance15.0.0-355affected
CiscoCisco Secure Web Appliance15.0.0-322affected
CiscoCisco Secure Web Appliance12.5.6-008affected
CiscoCisco Secure Web Appliance15.1.0-287affected
CiscoCisco Secure Web Appliance14.5.2-011affected
CiscoCisco Secure Web Appliance15.2.0-116affected
CiscoCisco Secure Web Appliance14.0.5-007affected
CiscoCisco Secure Web Appliance15.2.0-164affected
CiscoCisco Secure Web Appliance14.5.1-510affected
CiscoCisco Secure Web Appliance12.0.2-012affected
CiscoCisco Secure Web Appliance12.0.2-004affected
CiscoCisco Secure Web Appliance14.5.1-607affected
CiscoCisco Secure Web Appliance14.5.3-033affected
CiscoCisco Secure Web Appliance14.5.0-673affected
CiscoCisco Secure Web Appliance14.5.0-537affected
CiscoCisco Secure Web Appliance12.0.1-334affected
CiscoCisco Secure Web Appliance14.0.1-503affected
CiscoCisco Secure Web Appliance14.0.1-053affected
CiscoCisco Secure Web Appliance11.8.0-429affected
CiscoCisco Secure Web Appliance14.0.1-040affected
CiscoCisco Secure Web Appliance14.0.1-014affected
CiscoCisco Secure Web Appliance12.5.1-043affected

Weaknesses

  • CWE-20: Improper Input Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References