- Description
- The Versa Concerto SD-WAN orchestration platform is affected by a privilege escalation and container escape vulnerability caused by unsafe default mounting of host binary paths, which allows the container to modify host paths. The escape can be used to trigger remote code execution or direct host access, depending on the host operating system configuration. This issue is known to affect Concerto from 12.1.2 through 12.2.0. Additional versions may be vulnerable.
- Source
- disclosure@vulncheck.com
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 8.6
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
- disclosure@vulncheck.com
- CWE-732
- Hype score
- Not currently trending
Three zero-day vulnerabilities fixed in Concerto Orchestrator from SASE provider Versa Networks. Maximum CVSS score of 10. Reported by ProjectDiscovery; complete takeover of the Concerto application and the host system running it
@__kokumoto
25 May 2025
From Recall to the Versa bugs: a fragile and easily compromised digital identity ecosystem Cybersecurity, Active Directory, authentication bypass, CVE-2025-34025, CVE-2025-47949, SD-WAN orchestration, SAML parsing flaw, Samlify, Signal DRM, SS… https://t.co/UI4GpELa
@matricedigitale
22 May 2025
🚨 Unpatched Versa Concerto Bugs Allow RCE, Auth Bypass 3 critical flaws (CVE-2025-34025–27) let attackers hijack systems via URL parsing, IP spoofing & Docker misconfigs. No fix yet—apply WAF filters now. https://t.co/0I6v5o9LIU #CyberSecurity #RCE #Infosec #Grok ht
@dCypherIO
22 May 2025
[CVE-2025-34025: HIGH] Beware! Versa Concerto SD-WAN platform has a privileges escalation vulnerability allowing container escape to modify host paths, risking remote code execution. Upgrade now!#cve,CVE-2025-34025,#cybersecurity https://t.co/TAF3K2x00N https://t.co/dCrovD3c8Y
@CveFindCom
21 May 2025