CVE-2025-34025

HIGH

Versa Concerto <12.2.0 - Privilege Escalation

Title source: llm

Description

The Versa Concerto SD-WAN orchestration platform is vulnerable to an privileges escalation and container escape vulnerability caused by unsafe default mounting of host binary paths that allow the container to modify host paths. The escape can be used to trigger remote code execution or direct host access depending on the host operating system configuration.This issue is known to affect Concerto from 12.1.2 through 12.2.0. Additional versions may be vulnerable.

References (1)

[Various Sources] https://projectdiscovery.io/blog/versa-concerto-authentication-bypass-rce

Scores

CVSS v4 8.6

EPSS 0.0022

EPSS Percentile 44.3%

CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-732

Status published

Products (1)

Versa/Concerto 12.1.2 - 12.2.0

Published May 21, 2025

Tracked Since Feb 18, 2026