CVE-2025-34025 – Versa Concerto Privilege Escalation and Container Escape Vulnerability

CVE ID : CVE-2025-34025

Published : May 21, 2025, 11:15 p.m. | 1 hour, 58 minutes ago

Description : The Versa Concerto SD-WAN orchestration platform is vulnerable to an privileges escalation and container escape vulnerability caused by unsafe default mounting of host binary paths that allow the container to modify host paths. The escape can be used to trigger remote code execution or direct host access depending on the host operating system configuration.This issue is known to affect Concerto from 12.1.2 through 12.2.0. Additional versions may be vulnerable.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…