Versa Concerto


Known Exploited Versa Concerto Vulnerabilities

The following Versa Concerto vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.

Title: Versa Concerto Improper Authentication Vulnerability
Description: Versa Concerto SD-WAN orchestration platform contains an improper authentication vulnerability in the Traefik reverse proxy configuration, allowing an attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged for access to heap dumps and trace logs.
CVE-2025-34026 Exploit Probability: 75.1%
Added: January 22, 2026

The vulnerability CVE-2025-34026: Versa Concerto Improper Authentication Vulnerability is in the top 5% of the currently known exploitable vulnerabilities.

By the Year

In 2026 there have been 0 vulnerabilities in Versa Concerto. Last year, in 2025, Concerto had 3 security vulnerabilities published. Right now, Concerto is on track to have fewer security vulnerabilities in 2026 than it did last year.

Year Vulnerabilities Average Score
2026 0 0.00
2025 3 0.00

It may take a day or so for new Concerto vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Versa Concerto Security Vulnerabilities

Versa Concerto SD-WAN Priv Escalation via Unsafe Host Binary Mount (12.1.2-12.2.0)
CVE-2025-34025 - May 21, 2025

The Versa Concerto SD-WAN orchestration platform is vulnerable to a privilege escalation and container escape vulnerability caused by unsafe default mounting of host binary paths that allow the container to modify host paths. The escape can be used to trigger remote code execution or direct host access depending on the host operating system configuration. This issue is known to affect Concerto from 12.1.2 through 12.2.0. Additional versions may be vulnerable.

Incorrect Permission Assignment for Critical Resource

Auth Bypass & RCE via Traefik in Versa Concerto SD-WAN 12.1.2-12.2.0
CVE-2025-34027 - May 21, 2025

The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing an attacker to access administrative endpoints. The Spack upload endpoint can be leveraged for a Time-of-Check to Time-of-Use (TOCTOU) write in combination with a race condition to achieve remote code execution via path loading manipulation, allowing an unauthenticated actor to achieve remote code execution (RCE). This issue is known to affect Concerto from 12.1.2 through 12.2.0. Additional versions may be vulnerable.

TOCTTOU

Auth bypass in Versa Concerto Traefik config (12.1.2-12.2.0)
CVE-2025-34026 - May 21, 2025

The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing an attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged for access to heap dumps and trace logs. This issue is known to affect Concerto from 12.1.2 through 12.2.0. Additional versions may be vulnerable.

Authentication Bypass Using an Alternate Path or Channel
