What is CVE-2025-24288?

CVE-2025-24288 is a critical-severity vulnerability in Versa Director. CVSS score: 9.8/10. Published 2025-06-18.

How severe is CVE-2025-24288?

Critical severity. CVSS v3 base score is 9.8 out of 10.

Vulnerability in Versa Director

CVE-2025-24288

The Versa Director software exposes a number of services by default and allow attackers an easy foothold due to default credentials and multiple accounts (most with sudo access) that utilize the same default credentials. By default, Versa…

EPSS: 0.003 (56.9th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 9.8 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H.

Affected products

Versa Director — versions 21.2.2, 21.2.3, 22.1.1

References

security-portal.versa-networks.com/emailbulletins/68526d12dc94d6b9f2faf719
support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4

Frequently asked questions

What is CVE-2025-24288?: CVE-2025-24288 is a critical-severity vulnerability in Versa Director. CVSS score: 9.8/10. Published 2025-06-18.
How severe is CVE-2025-24288?: Critical severity. CVSS v3 base score is 9.8 out of 10.