CVE-2025-20339

EPSS 0.03%
Veröffentlicht 24.09.2025 17:15:40
Zuletzt bearbeitet 15.04.2026 00:35:42
Quelle psirt@cisco.com
CVE-Watchlists
Login
Unerledigt
Login

Cisco SD-WAN vEdge Software Access Control List Bypass Vulnerability

A vulnerability in the access control list (ACL) processing of IPv4 packets of Cisco SD-WAN vEdge Software could allow an unauthenticated, remote attacker to bypass a configured ACL.

This vulnerability is due to the improper enforcement of the implicit deny all at the end of a configured ACL. An attacker could exploit this vulnerability by attempting to send unauthorized traffic to an interface on an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 4

CNA 2 VulnDex Vulnerability Enrichment 2

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

HerstellerCisco

≫

Produkt Cisco SD-WAN vEdge Cloud

Default Statusunknown

Version 20.9.1

Status affected

Version 20.9.1.1

Status affected

Version 20.9.2

Status affected

Version 20.9.3

Status affected

Version 20.9.3.1

Status affected

Version 20.9.2.2

Status affected

Version 20.9.2.3

Status affected

Version 20.9.4

Status affected

Version 20.9.5

Status affected

Version 20.9.5.1

Status affected

Version 20.9.6

Status affected

Version 20.9.5.3

Status affected

HerstellerCisco

≫

Produkt Cisco SD-WAN vEdge Router

Default Statusunknown

Version 20.3.1

Status affected

Version 20.3.2

Status affected

Version 20.4.1

Status affected

Version 20.4.1.1

Status affected

Version 20.3.3

Status affected

Version 20.4.1.2

Status affected

Version 20.4.2

Status affected

Version 20.3.4

Status affected

Version 20.3.5

Status affected

Version 20.9.1

Status affected

Version 20.3.6

Status affected

Version 20.9.2

Status affected

Version 20.3.7

Status affected

Version 20.9.3

Status affected

Version 20.3.3.2

Status affected

Version 20.3.4.3

Status affected

Version 20.9.3.1

Status affected

Version 20.3.7.1

Status affected

Version 20.3.5.1

Status affected

Version 20.4.2.3

Status affected

Version 20.9.2.2

Status affected

Version 20.3.7.2

Status affected

Version 20.9.2.3

Status affected

Version 20.9.4

Status affected

Version 20.12.1

Status affected

Version 20.3.8

Status affected

Version 20.9.4.1777

Status affected

Version 20.9.5

Status affected

Version 20.9.5.1

Status affected

Version 20.12.3.1

Status affected

Version 20.9.6

Status affected

Version 20.9.5.3

Status affected

VulnDex Vulnerability Enrichment

Diese Information steht angemeldeten Benutzern zur Verfügung.

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.03%	0.086

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
psirt@cisco.com	5.8	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N

CWE-284 Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-defaultacl-pSJk9nVF

https://nvd.nist.gov/vuln/detail/CVE-2025-20339

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-20339

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-20339

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-20339