We just posted our AttackerKB @rapid7 Analysis for the recent Cisco ASA 0day chain; CVE-2025-20362 and CVE-2025-20333. The auth bypass appears to be a patch bypass of an older 2018 vuln. The buffer overflow is in a Lua endpoint, but unsafe native code operations allow a buffer to be overflowed and memory corruption to occur. Full technical root cause analysis here: https://attackerkb.com/topics/Szq5u0xgUX/cve-2025-20362/rapid7-analysis
See Tweet