CVE-2025-20183: Cisco Secure Web Appliance AVC Range Header AV Evasion
CVE-2025-20183 Published on February 5, 2025
Cisco Secure Web Appliance Range Request Bypass Vulnerability
A vulnerability in a policy-based Cisco Application Visibility and Control (AVC) implementation of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to evade the antivirus scanner and download a malicious file onto an endpoint.
The vulnerability is due to improper handling of a crafted range request header. An attacker could exploit this vulnerability by sending an HTTP request with a crafted range request header through the affected device. A successful exploit could allow the attacker to evade the antivirus scanner and download malware onto the endpoint without detection by Cisco Secure Web Appliance.
Vulnerability Analysis
CVE-2025-20183 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, with no impact on integrity, and no impact on availability.
Weakness Type
Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Products Associated with CVE-2025-20183
Want to know whenever a new CVE is published for Cisco Asyncos? stack.watch will email you.
Affected Versions
Cisco Secure Web Appliance:- Version 11.8.0-453 is affected.
- Version 12.5.3-002 is affected.
- Version 12.0.3-007 is affected.
- Version 12.0.3-005 is affected.
- Version 14.1.0-032 is affected.
- Version 14.1.0-047 is affected.
- Version 14.1.0-041 is affected.
- Version 12.0.4-002 is affected.
- Version 14.0.2-012 is affected.
- Version 11.8.0-414 is affected.
- Version 12.0.1-268 is affected.
- Version 11.8.1-023 is affected.
- Version 11.8.3-021 is affected.
- Version 11.8.3-018 is affected.
- Version 12.5.1-011 is affected.
- Version 11.8.4-004 is affected.
- Version 12.5.2-007 is affected.
- Version 12.5.2-011 is affected.
- Version 14.5.0-498 is affected.
- Version 12.5.4-005 is affected.
- Version 12.5.4-011 is affected.
- Version 12.0.5-011 is affected.
- Version 14.0.3-014 is affected.
- Version 12.5.5-004 is affected.
- Version 12.5.5-005 is affected.
- Version 12.5.5-008 is affected.
- Version 14.0.4-005 is affected.
- Version 14.5.1-008 is affected.
- Version 14.5.1-016 is affected.
- Version 15.0.0-355 is affected.
- Version 15.0.0-322 is affected.
- Version 12.5.6-008 is affected.
- Version 15.1.0-287 is affected.
- Version 14.5.2-011 is affected.
- Version 15.2.0-116 is affected.
- Version 14.0.5-007 is affected.
- Version 15.2.0-164 is affected.
- Version 14.5.1-510 is affected.
- Version 12.0.2-012 is affected.
- Version 12.0.2-004 is affected.
- Version 14.5.1-607 is affected.
- Version 14.5.3-033 is affected.
- Version 14.5.0-673 is affected.
- Version 14.5.0-537 is affected.
- Version 12.0.1-334 is affected.
- Version 14.0.1-503 is affected.
- Version 14.0.1-053 is affected.
- Version 11.8.0-429 is affected.
- Version 14.0.1-040 is affected.
- Version 14.0.1-014 is affected.
- Version 12.5.1-043 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.