Remote Code Execution Vulnerability in Versa Director SD-WAN by Versa Networks
CVE-2024-45208

Currently unrated

Key Information:

Vendor: Versa Networks
Status: Versa Director SD-WAN
Vendor: CVE Published:; 19 June 2025

🔔 Create Versa Networks Vulnerability Alert

What is CVE-2024-45208?

A vulnerability exists in the Versa Director SD-WAN orchestration platform, which utilizes the Cisco NCS application service. The platform's Active and Standby Directors use TCP ports 4566 and 4570 to exchange High Availability (HA) information protected by a shared password. Attackers with access to the Versa Director could reach the NCS service on port 4566, enabling unauthorized administrative actions and potential remote code execution. Although no known exploits have been identified, it is crucial for users to adhere to the provided hardening guides to mitigate risks.

References

https://docs.versa-networks.com/Solutions/System_Hardenin...

https://security-portal.versa-networks.com/emailbulletins...

https://support.versa-networks.com/support/solutions/arti...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 19, 2025