VDB

CVE-2025-20268

CVE-2025-20268 PUBLISHED CVSS 5.800000190734863 MEDIUM

A vulnerability in the Geolocation-Based Remote Access (RA) VPN feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies to allow or deny HTTP connections based on a country or region. This vulnerability exists because the URL string is not fully parsed. An attacker could exploit this vulnerability by sending a crafted HTTP connection through the targeted device. A successful exploit could allow the attacker to bypass configured policies and gain access to a network where the connection should have been denied.

EPSS 0.04% · 12.9th percentile

Risk Scores

CVSS 3.1
5.800000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
EPSS Score
0.04%
12.9th percentile

Affected Products

VendorProductVersions
CiscoCisco Firepower Threat Defense Software7.7.0

Exploit Intelligence

Timeline

  • Oct 10, 2024 CVE ID Reserved
  • Aug 14, 2025 Coalition ESS Score
  • Aug 14, 2025 CVE Published
  • Aug 14, 2025 CVE Updated
  • Aug 15, 2025 EPSS Score
  • Aug 15, 2025 Coalition ESS Score
  • Aug 23, 2025 EPSS Score
  • Aug 26, 2025 Coalition ESS Score
  • Aug 31, 2025 EPSS Score
  • Sep 9, 2025 EPSS Score
  • Sep 17, 2025 EPSS Score
  • Sep 25, 2025 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›