CVE-2025-20122

CWE-300 | 4 documents | 4 sources
Severity: 7.8 HIGH
EPSS: 0.1% (top 80.62%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published May 7

Description

A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to gain privileges of the root user on the underlying operating system. This vulnerability is due to insufficient input validation. An authenticated attacker with read-only privileges on the SD-WAN Manager system could exploit this vulnerability by sending a crafted request to the CLI of the SD-WAN Manager. A successful exploit could allow the attacker to gain

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 | Impact: 5.9

Affected Packages (2 packages)

NVD: cisco/catalyst_sd-wan_manager (282 versions)
CVEListV5: cisco/cisco_catalyst_sd-wan_manager (303 versions)

🔴 Vulnerability Details (2)

GHSA (2025-05-07): GHSA-mmr9-p6pg-2mp3: A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to gain privi
CVEList (2025-05-07): Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability

📋 Vendor Advisories (1)

Cisco (2025-05-07): Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability