CVE-2025-20183
Description
A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an endpoint. The vulnerability is due to improper handling of a crafted range request header. An attacker could exploit this vulnerability by sending an HTTP request with a crafted range request header through the affected device. A successful exploit could allow the attacker to evade the antivirus scanner and download malware onto the endpoint without detection by Cisco Secure Web Appliance.
CVSS Details
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N Threat Intelligence
Weaknesses 1
Affected Products 58
| Vendor | Product | Version | Range |
|---|---|---|---|
| cisco | asyncos | 11.8.0-414 | any |
| cisco | asyncos | 11.8.0-429 | any |
| cisco | asyncos | 11.8.0-453 | any |
| cisco | asyncos | 11.8.1-023 | any |
| cisco | asyncos | 11.8.3-018 | any |
| cisco | asyncos | 11.8.3-021 | any |
| cisco | asyncos | 11.8.4-004 | any |
| cisco | asyncos | 12.0.1-268 | any |
| cisco | asyncos | 12.0.1-334 | any |
| cisco | asyncos | 12.0.2-004 | any |
| cisco | asyncos | 12.0.2-012 | any |
| cisco | asyncos | 12.0.3-005 | any |
| cisco | asyncos | 12.0.3-007 | any |
| cisco | asyncos | 12.0.4-002 | any |
| cisco | asyncos | 12.0.5-011 | any |
| cisco | asyncos | 12.5.1-011 | any |
| cisco | asyncos | 12.5.1-043 | any |
| cisco | asyncos | 12.5.2-007 | any |
| cisco | asyncos | 12.5.2-011 | any |
| cisco | asyncos | 12.5.3-002 | any |
| cisco | asyncos | 12.5.4-005 | any |
| cisco | asyncos | 12.5.4-011 | any |
| cisco | asyncos | 12.5.5-004 | any |
| cisco | asyncos | 12.5.5-005 | any |
| cisco | asyncos | 12.5.5-008 | any |
| cisco | asyncos | 12.5.6-008 | any |
| cisco | asyncos | 14.0.1-014 | any |
| cisco | asyncos | 14.0.1-040 | any |
| cisco | asyncos | 14.0.1-053 | any |
| cisco | asyncos | 14.0.1-503 | any |
| cisco | asyncos | 14.0.2-012 | any |
| cisco | asyncos | 14.0.3-014 | any |
| cisco | asyncos | 14.0.4-005 | any |
| cisco | asyncos | 14.0.5-007 | any |
| cisco | asyncos | 14.1.0-032 | any |
| cisco | asyncos | 14.1.0-041 | any |
| cisco | asyncos | 14.1.0-047 | any |
| cisco | asyncos | 14.5.0-498 | any |
| cisco | asyncos | 14.5.0-537 | any |
| cisco | asyncos | 14.5.0-673 | any |
| cisco | asyncos | 14.5.1-008 | any |
| cisco | asyncos | 14.5.1-016 | any |
| cisco | asyncos | 14.5.1-510 | any |
| cisco | asyncos | 14.5.1-607 | any |
| cisco | asyncos | 14.5.2-011 | any |
| cisco | asyncos | 14.5.3-033 | any |
| cisco | asyncos | 15.0.0-322 | any |
| cisco | asyncos | 15.0.0-355 | any |
| cisco | asyncos | 15.1.0-287 | any |
| cisco | asyncos | 15.2.0-116 | any |
| cisco | asyncos | 15.2.0-164 | any |
| cisco | secure_web_appliance_virtual_s1000v | * | any |
| cisco | secure_web_appliance_virtual_s100v | * | any |
| cisco | secure_web_appliance_virtual_s300v | * | any |
| cisco | secure_web_appliance_virtual_s600v | * | any |
| cisco | secure_web_appliance_s196 | * | any |
| cisco | secure_web_appliance_s396 | * | any |
| cisco | secure_web_appliance_s696 | * | any |
References 1
- sec.cloudapps.cisco.com https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-swa-range-bypass-2BsEHYSu
Remediation
No remediation data recorded yet
Check vendor advisories and the NVD entry for patch availability.