Vulnerability in Versa Concerto

CVE-2025-34025

The Versa Concerto SD-WAN orchestration platform is vulnerable to an privileges escalation and container escape vulnerability caused by unsafe default mounting of host binary paths that allow the container to modify host paths. The escape…

EPSS: 0.002 (44.5th percentile) — read the EPSS interpretation.

Affected products

Versa Concerto — versions 12.1.2

Weakness classification (CWE)

CWE-732 — Incorrect Permission Assignment for Critical Resource

References

projectdiscovery.io/blog/versa-concerto-authentication-bypass-rce (exploit, mitigation)