Cisco Firepower Threat Defense vulnerabilities

221 known vulnerabilities affecting cisco/firepower_threat_defense.

Total CVEs: 221
CISA KEV: 11 (actively exploited)
Public exploits: 8
Exploited in wild: 10
Severity breakdown: CRITICAL 6, HIGH 125, MEDIUM 89, LOW 1

Vulnerabilities

Page 1 of 12
CVE-2025-20333 | CRITICAL | CVSS 9.9 | KEV | Affected: ≥ 7.0.0, < 7.0.8.1; ≥ 7.1.0, < 7.2.9; +2 more | 2025-09-25
CVE-2025-20333 [CRITICAL] CWE-120: A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests.
Source: nvd

CVE-2025-20363 | CRITICAL | CVSS 9.0 | Affected: ≥ 7.0.0, < 7.0.8; ≥ 7.1.0, < 7.2.10; +3 more | 2025-09-25
CVE-2025-20363 [CRITICAL] CWE-122: A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker (Cisco ASA and FTD Software) or authenticated, remote attacker (Cisco IOS,
Source: nvd

CVE-2025-20362 | HIGH | CVSS 8.6 | KEV | PoC | Affected: ≥ 7.0.0, < 7.0.8.1; ≥ 7.1.0, < 7.2.10.2; +3 more | 2025-09-25
CVE-2025-20362 [MEDIUM]: Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and CVE-2025-20362. This attack can cause unpatched devices to unexpectedly reload, leading to denial of service (DoS) conditions. Cisco strongly recommends that a
Source: nvd

CVE-2025-20127 | HIGH | CVSS 7.7 | Affected: v7.4.0, v7.4.1, +4 more | 2025-08-14
CVE-2025-20127 [HIGH] CWE-404: A vulnerability in the TLS 1.3 implementation for a specific cipher for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software for Cisco Firepower 3100 and 4200 Series devices could allow an authenticated, remote attacker to consume resources that are associated with incoming TLS 1.3 co
Source: nvd

CVE-2025-20182 | HIGH | CVSS 8.6 | Affected: v6.2.3, v6.2.3.1, +84 more | 2025-05-07
CVE-2025-20182 [HIGH] CWE-787: A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol processing of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vu
Source: nvd

CVE-2022-20685 | HIGH | CVSS 7.5 | Affected: v6.2.3, v6.2.3.1, +42 more | 2024-11-15
CVE-2022-20685 [HIGH] CWE-190: A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic thr
Source: nvd

CVE-2024-20268 | HIGH | CVSS 7.7 | Affected: v6.6.0, v6.6.0.1, +45 more | 2024-10-23
CVE-2024-20268 [HIGH] CWE-231: A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an unexpected reload of the device. This vulnerability is due to insufficient input validation of SNMP packets. An attacker
Source: nvd

CVE-2024-20330 | HIGH | CVSS 7.5 | Affected: v7.0.0.0, v7.0.0.1, +35 more | 2024-10-23
CVE-2024-20330 [HIGH] CWE-788: A vulnerability in the Snort 2 and Snort 3 TCP and UDP detection engine of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Appliances could allow an unauthenticated, remote attacker to cause memory corruption, which could cause the Snort detection engine to restart unexpectedly. This vulnerability is due to improper memo
Source: nvd

CVE-2024-20408 | HIGH | CVSS 7.7 | Affected: v6.2.3, v6.2.3.1, +88 more | 2024-10-23
CVE-2024-20408 [HIGH] CWE-1287: A vulnerability in the Dynamic Access Policies (DAP) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly. To exploit this vulnerability, an attacker would need valid remote access VPN user credenti
Source: nvd

CVE-2024-20412 | HIGH | CVSS 8.4 | Affected: v7.1.0, v7.1.0.1, +21 more | 2024-10-23
CVE-2024-20412 [CRITICAL] CWE-259: A vulnerability in Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000, 2100, 3100, and 4200 Series could allow an unauthenticated, local attacker to access an affected system using static credentials. This vulnerability is due to the presence of static accounts with hard-coded passwords on an affected system. An attacker could
Source: nvd

CVE-2024-20494 | HIGH | CVSS 8.6 | Affected: v7.3.0, v7.3.1, +6 more | 2024-10-23
CVE-2024-20494 [HIGH] CWE-1287: A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper data validation
Source: nvd

CVE-2024-20495 | HIGH | CVSS 8.6 | Affected: v6.2.3.16, v6.2.3.17, +43 more | 2024-10-23
CVE-2024-20495 [HIGH] CWE-20: A vulnerability in the Remote Access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to improper v
Source: nvd

CVE-2024-20402 | HIGH | CVSS 8.6 | Affected: v6.2.3, v6.2.3.1, +85 more | 2024-10-23
CVE-2024-20402 [HIGH] CWE-788: A vulnerability in the SSL VPN feature for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a logic error in memory manageme
Source: nvd

CVE-2024-20384 | MEDIUM | CVSS 5.8 | Affected: v7.0.0, v7.0.0.1, +36 more | 2024-10-23
CVE-2024-20384 [MEDIUM] CWE-290: A vulnerability in the Network Service Group (NSG) feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. This vulnerabilit
Source: nvd

CVE-2024-20407 | MEDIUM | CVSS 5.8 | Affected: v6.2.3, v6.2.3.1, +88 more | 2024-10-23
CVE-2024-20407 [MEDIUM] CWE-399: A vulnerability in the interaction between the TCP Intercept feature and the Snort 3 detection engine on Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured policies on an affected system. Devices that are configured with Snort 2 are not affected by this vulnerability. This vulnerability
Source: nvd

CVE-2024-20382 | MEDIUM | CVSS 6.1 | Affected: v6.2.3.1, v6.2.3.2, +88 more | 2024-10-23
CVE-2024-20382 [MEDIUM] CWE-80: A vulnerability in the VPN web client services feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a browser that is accessing an affected device. This vulnerability is due to improper valida
Source: nvd

CVE-2024-20431 | MEDIUM | CVSS 5.8 | Affected: v7.0.0, v7.0.0.1, +30 more | 2024-10-23
CVE-2024-20431 [MEDIUM] CWE-229: A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass an access control policy. This vulnerability is due to improper assignment of geolocation data. An attacker could exploit this vulnerability by sending traffic through an affected device
Source: nvd

CVE-2024-20388 | MEDIUM | CVSS 5.3 | Affected: v6.4.0.4, v6.4.0.10, +11 more | 2024-10-23
CVE-2024-20388 [MEDIUM] CWE-202: A vulnerability in the password change feature of Cisco Firepower Management Center (FMC) software could allow an unauthenticated, remote attacker to determine valid user names on an affected device. This vulnerability is due to improper authentication of password update responses. An attacker could exploit this vulnerability by forcing a password r
Source: nvd

CVE-2024-20299 | MEDIUM | CVSS 5.8 | Affected: v6.2.3, v6.2.3.1, +71 more | 2024-10-23
CVE-2024-20299 [MEDIUM] CWE-290: A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due
Source: nvd

CVE-2024-20297 | MEDIUM | CVSS 5.8 | Affected: v6.2.3, v6.2.3.1, +78 more | 2024-10-23
CVE-2024-20297 [MEDIUM] CWE-290: A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due
Source: nvd
Listing source: cvebase