
CVE-2025-34025: Versa Concerto Actuator Insecure Docker Mount Container Escape

8.6 CVSS

Description

The Versa Concerto SD-WAN orchestration platform is vulnerable to a privilege escalation and container escape vulnerability caused by unsafe default mounting of host binary paths, which allows the container to modify paths on the host. Depending on the host operating system configuration, the escape can be used to trigger remote code execution or to gain direct host access. This issue is known to affect Concerto from 12.1.2 through 12.2.0. Additional versions may be vulnerable.
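The defect described above is a deployment property rather than a code bug: a bind mount that exposes a host binary directory read-write to a container. The following audit script is an added example (not code from the advisory, from Versa, or from Concerto) that walks the JSON printed by `docker inspect` and flags every writable bind mount whose host-side source is the host root, a binary directory, or a path beneath one. It goes slightly beyond the advisory's wording by also reading `HostConfig.Binds` (the `src:dst[:opts]` form used by `docker run -v` and Compose) and by treating library directories as binary paths. The container names, mount paths and the `HOST_BINARY_DIRS` list are constructed assumptions for illustration; they are not Concerto's actual containers or mounts.

```python
"""Audit `docker inspect` output for writable bind mounts of host binary paths."""
import json
import posixpath

# Host directories whose contents execute with host privileges; a container that
# can write here can replace or plant a binary the host will run. This list is an
# assumption for the example, not one taken from the advisory.
HOST_BINARY_DIRS = (
    "/bin", "/sbin", "/usr/bin", "/usr/sbin", "/usr/local/bin", "/usr/local/sbin",
    "/lib", "/lib64", "/usr/lib", "/usr/lib64",
)


def is_host_binary_path(source):
    """True if `source` is the host root, one of HOST_BINARY_DIRS, or a path beneath one."""
    src = posixpath.normpath(source)          # collapses "/usr/local/bin/../sbin" -> "/usr/local/sbin"
    if src == "/":
        return True                            # the whole host filesystem is mounted
    return any(src == d or src.startswith(d + "/") for d in HOST_BINARY_DIRS)


def parse_bind_spec(spec):
    """Parse a HostConfig.Binds entry ("src:dst[:opts]") into (src, dst, writable)."""
    parts = spec.split(":")
    if len(parts) < 2:
        return None                            # anonymous volume or malformed entry
    src, dst = parts[0], parts[1]
    opts = parts[2].split(",") if len(parts) > 2 else []
    return src, dst, "ro" not in opts          # Docker binds default to read-write


def find_writable_host_binary_mounts(inspect_output):
    """Return sorted (container, host_source, destination) tuples for each writable
    bind mount whose host source is a binary path. `inspect_output` is the parsed
    JSON list printed by `docker inspect <container...>`; both the Mounts array and
    HostConfig.Binds are read, and duplicates between them are collapsed."""
    findings = set()
    for container in inspect_output:
        name = container.get("Name", "").lstrip("/")
        for m in container.get("Mounts", []):
            if m.get("Type") == "bind" and m.get("RW", True) and is_host_binary_path(m.get("Source", "")):
                findings.add((name, posixpath.normpath(m["Source"]), m.get("Destination", "")))
        for spec in container.get("HostConfig", {}).get("Binds") or []:
            parsed = parse_bind_spec(spec)
            if parsed is None:
                continue
            src, dst, writable = parsed
            if writable and is_host_binary_path(src):
                findings.add((name, posixpath.normpath(src), dst))
    return sorted(findings)


def readonly_bind(source, destination):
    """The same bind spec with the read-only flag, for remediation output."""
    return f"{source}:{destination}:ro"


# Constructed sample inspect output: these are NOT real Versa Concerto containers or mounts.
SAMPLE_INSPECT = json.loads("""[
  {"Name": "/orchestrator-app",
   "Mounts": [
     {"Type": "bind", "Source": "/usr/bin", "Destination": "/host/usr/bin", "RW": true},
     {"Type": "bind", "Source": "/var/log/app", "Destination": "/var/log", "RW": true},
     {"Type": "volume", "Source": "/var/lib/docker/volumes/x/_data", "Destination": "/data", "RW": true}
   ],
   "HostConfig": {"Binds": ["/usr/bin:/host/usr/bin", "/var/log/app:/var/log"]}},
  {"Name": "/orchestrator-db",
   "Mounts": [
     {"Type": "bind", "Source": "/usr/sbin", "Destination": "/host/sbin", "RW": false},
     {"Type": "bind", "Source": "/usr/local/bin/../sbin", "Destination": "/tools", "RW": true}
   ],
   "HostConfig": {"Binds": ["/usr/sbin:/host/sbin:ro", "/usr/local/bin/../sbin:/tools:rw"]}}
]""")

if __name__ == "__main__":
    for name, src, dst in find_writable_host_binary_mounts(SAMPLE_INSPECT):
        print(f"{name}: host {src} is writable at {dst}; remount as {readonly_bind(src, dst)}")
```

Against a live host, feed it `docker inspect $(docker ps -q)`. A `:ro` remount closes the write path this advisory describes, but the mount still exposes host binaries to the container for reading; the stronger fix is to drop the host-path bind entirely and ship the needed tools inside the image.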

Classification

CVE ID: CVE-2025-34025

CVSS Base Severity: HIGH

CVSS Base Score: 8.6

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:L/SC:H/SI:H/SA:L

Problem Types

CWE-732 Incorrect Permission Assignment for Critical Resource

Affected Products

Vendor: Versa

Product: Concerto

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 14.19% (proportion of all scored CVEs with an EPSS score less than or equal to this one)

EPSS Date: 2025-06-15 (date this score was calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-34025
https://projectdiscovery.io/blog/versa-concerto-authentication-bypass-rce

Timeline