vulnerability

Cisco Catalyst SD-WAN: CVE-2025-20157: Cisco Catalyst SD-WAN Manager Certificate Validation Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:N/AC:M/Au:N/C:C/I:N/A:N)	May 7, 2025	May 9, 2025	Jul 8, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:C/I:N/A:N)

Published

May 7, 2025

Added

May 9, 2025

Modified

Jul 8, 2025

Description

A vulnerability in certificate validation processing of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to gain access to sensitive information.

This vulnerability is due to improper validation of certificates that are used by the Smart Licensing feature. An attacker with a privileged network position could exploit this vulnerability by intercepting traffic that is sent over the Internet. A successful exploit could allow the attacker to gain access to sensitive information, including credentials used by the device to connect to Cisco cloud services.

Solution

cisco-catalyst-sdwan-update-latest

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today