diff --git a/src/content/changelog/waf/2025-10-07-emergency-waf-release.mdx b/src/content/changelog/waf/2025-10-07-emergency-waf-release.mdx new file mode 100644 index 000000000000000..fa9d65c7613c3e3 --- /dev/null +++ b/src/content/changelog/waf/2025-10-07-emergency-waf-release.mdx @@ -0,0 +1,44 @@ +--- +title: "WAF Release - 2025-10-07 - Emergency" +description: Cloudflare WAF managed rulesets 2025-10-07 emergency release +date: 2025-10-07 +--- + +import { RuleID } from "~/components"; + +This week highlights multiple critical Cisco vulnerabilities (CVE-2025-20363, CVE-2025-20333, CVE-2025-20362). This flaw stems from improper input validation in HTTP(S) requests. An authenticated VPN user could send crafted requests to execute code as root, potentially compromising the device. +The initial two rules were made available on September 28, with a third rule added today, October 7, for more robust protection. + +* Cisco (CVE-2025-20333, CVE-2025-20362, CVE-2025-20363): Multiple vulnerabilities that could allow attackers to exploit unsafe deserialization and input validation flaws. Successful exploitation may result in arbitrary code execution, privilege escalation, or command injection on affected systems. + +**Impact** + +Cisco (CVE-2025-20333, CVE-2025-20362, CVE-2025-20363): Exploitation enables attackers to escalate privileges or achieve remote code execution via command injection. +Administrators are strongly advised to apply vendor updates immediately. + + + + + + + + + + + + + + + + + + + + + + + + +
RulesetRule IDLegacy Rule IDDescriptionPrevious ActionNew ActionComments
Cloudflare Managed Ruleset + + 100788BCisco Secure Firewall Adaptive Security Appliance - Remote Code Execution - CVE:CVE-2025-20333, CVE:CVE-2025-20362, CVE:CVE-2025-20363N/ABlockThis is a New Detection