Vulnerability in Cisco Firepower Threat Defense Software
CVE-2025-20268
A vulnerability in the Geolocation-Based Remote Access (RA) VPN feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies to allow or deny HTTP connections…
EPSS: 0.000 (12.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 5.8 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N.
Affected products
- Cisco Firepower Threat Defense Software — versions 7.7.0
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2025-20268?
- CVE-2025-20268 is a medium-severity vulnerability in Cisco Firepower Threat Defense Software, classified under CWE-229. CVSS score: 5.8/10. Published 2025-08-14.
- How severe is CVE-2025-20268?
- Medium severity. CVSS v3 base score is 5.8 out of 10.