Container Escape and Privilege Escalation Vulnerability in Versa Concerto SD-WAN Platform
CVE-2025-34025

8.6HIGH

Key Information:

Vendor: Versa
Status: Concerto
Vendor: CVE Published:; 21 May 2025

Badges

👾 Exploit Exists

What is CVE-2025-34025?

The Versa Concerto SD-WAN orchestration platform contains a vulnerability stemming from unsafe default configurations that allow containers to access and modify host binary paths. This issue can potentially lead to privilege escalation or container escape, enabling unauthorized users to execute arbitrary code on the host system based on the specific configurations of the operating system. The vulnerability affects versions ranging from 12.1.2 to 12.2.0, with the possibility of additional versions also being impacted.

Affected Version(s)

Concerto 12.1.2 <= 12.2.0

References

https://projectdiscovery.io/blog/versa-concerto-authentic...

exploitmitigation

CVSS V4

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
May 21, 2025
👾
Exploit known to exist
May 21, 2025
Vulnerability published
May 21, 2025
Vulnerability Reserved
Apr 15, 2025

Credit

ProjectDiscovery

Harsh Jaiswal

Rahul Maini

Parth Malhotra