Multiple critical vulnerabilities exist in Versa Concerto SD-WAN, potentially allowing remote attackers to bypass authentication, escape Docker containers, and achieve full system compromise. CVE-2025-34026, a Traefik authentication bypass, is particularly critical, enabling unauthorized access to admin endpoints and internal Spring Boot Actuator data and has been added to the CISA Known Exploited Vulnerabilities Catalog. CVE-2025-34025 allows privilege escalation leading to Docker container escape and host-level code execution, while CVE-2025-34027 involves another Traefik authentication bypass leading to arbitrary file writes and remote code execution. Organizations are advised to apply vendor patches, restrict access to orchestration interfaces, and implement network segmentation.
Outbreak Alert Versa Concerto SD-WAN Authentication Bypass Released: Feb 03, 2026 Versa Concerto Authentication Bypass Vulnerability Tags High Severity Subscribe Critical Versa Concerto Vulnerabilities Leads to Code Execution Multiple critical security vulnerabilities in the Versa Concerto network security and SD-WAN orchestration platform. When chained, these flaws could allow remote attackers to bypass authentication, escape Docker containers, and fully compromise both the application and the underlying host system. Learn More » Common Vulnerabilities and Exposures Background Versa Concerto is an orchestration and management platform for Versa Networks’ SD-WAN and SASE (Secure Access Service Edge) solutions. Widely deployed in enterprise and managed networking environments. CVE-2025-34025: Privilege escalation flaw enabling Docker container escape and host-level code execution. CVE-2025-34026: Traefik authentication bypass allowing unauthorized access to admin endpoints and internal Spring Boot Actuator data. CVE-2025-34026 was flagged for urgent attention and added to the CISA Known Exploited Vulnerabilities Catalog. CVE-2025-34027: Traefik authentication bypass leading to arbitrary file writes and full remote code execution via package upload endpoint. Latest Development Recent news and incidents related to cybersecurity threats encompassing various events such as data breaches, cyber-attacks, security incidents, and vulnerabilities discovered. Organizations are advised to apply vendor patches, restrict access to orchestration interfaces, and implement protective controls such as network segmentation and strict administrative access policies to limit exposure. January 29, 2026: FortiGuard Labs released a Threat Signal. https://www.fortiguard.com/threat-signal-report/6327/versa-concerto-sd-wan-authentication-bypass January 22, 2026: CVE-2025-34026 was added to the CISA Known Exploited Vulnerabilities Catalog FortiGuard Cybersecurity Framework Mitigate security threats and vulnerabilities by leveraging the range of FortiGuard Services. IPS IOC Automated Response Assisted Response Services NOC/SOC Training End-User Training Attack Surface Hardening FortiADC DB 35.158 FortiGate DB 35.158 FortiNDR DB 35.158 FortiProxy DB 35.158 FortiSASE DB 35.158 FortiAnalyzer FortiCloud SOCaaS FortiSIEM FortiSOAR FortiXDR Incident Response NSE Training Response Readiness Security Awareness & Training Security Rating Threat Intelligence Information gathered from analyzing ongoing cybersecurity events including threat actors, their tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), malware and related vulnerabilities. References Sources of information in support and relation to this Outbreak and vendor. ProjectDiscovery Blog Learn More » CVE-2025-34025 Patch Learn More » CVE-2025-34026 Patch Learn More » CVE-2025-34027 Patch Learn More » About FortiGuard Outbreak Alerts Learn More »