Cisco Secure Firewall Threat Defense Software Geolocation Remote Access VPN...

5.8 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

Description

A vulnerability in the Geolocation-Based Remote Access (RA) VPN feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies to allow or deny HTTP connections based on a country or region.

This vulnerability exists because the URL string is not fully parsed. An attacker could exploit this vulnerability by sending a crafted HTTP connection through the targeted device. A successful exploit could allow the attacker to bypass configured policies and gain access to a network where the connection should have been denied.

Basic Information

ID CVE-2025-20268

Source cisco

Published Aug 14, 2025 at 16:30

Modified Aug 14, 2025 at 19:18

Affected Product

Vendor Cisco

Product Cisco Firepower Threat Defense Software

Version 7.7.0

Affected Versions Cisco Cisco Firepower Threat Defense Software 7.7.0

References

sec.cloudapps.cisco.com /security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ravpn-geobypass-9h38M37Z

{
    "lastseen": "",
    "description": "A vulnerability in the Geolocation-Based Remote Access (RA) VPN feature of Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies to allow or deny HTTP connections based on a country or region.\r\n\r\nThis vulnerability exists because the URL string is not fully parsed. An attacker could exploit this vulnerability by sending a crafted HTTP connection through the targeted device. A successful exploit could allow the attacker to bypass configured policies and gain access to a network where the connection should have been denied.",
    "published": "2025-08-14T16:30:34.427Z",
    "modified": "2025-08-14T19:18:58.227Z",
    "type": "cve",
    "title": "Cisco Secure Firewall Threat Defense Software Geolocation Remote Access VPN Bypass Vulnerability",
    "source": "cisco",
    "references": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-ravpn-geobypass-9h38M37Z",
    "id": "CVE-2025-20268",
    "bulletinFamily": "",
    "cwe": null,
    "cvelist": null,
    "sourceData": "Cisco Cisco Firepower Threat Defense Software 7.7.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.8,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Cisco Firepower Threat Defense Software",
    "version": "7.7.0",
    "vendor": "Cisco",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Cisco Secure Firewall Threat Defense Software Geolocation Remote Access VPN Bypass Vulnerability_CVE-2025-20268

Description

Basic Information

Affected Product

References

💭 Join the Security Discussion ❌ Cancel Reply