Synced 16 Jun 2026 15:24 UTC Account
← All products

CVE-2025-20157

MEDIUM severity · CVSS 5.9 · CWE-295
5.9CVSS MEDIUM

Summary

A vulnerability in certificate validation processing of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to gain access to sensitive information. This vulnerability is due to improper validation of certificates that are used by the Smart Licensing feature. An attacker with a privileged network position could exploit this vulnerability by intercepting traffic that is sent over the Internet. A successful exploit could allow the attacker to gain access to sensitive information, including credentials used by the device to connect to Cisco cloud services.

Impact & exploitability

Attack vectorNetwork
Attack complexityHigh
Privileges requiredNone
User interactionNone
Confidentiality impactHigh
Integrity impactNone
Availability impactNone
Exploit probability (EPSS)0%

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected products we track (1)

Catalyst SD-WAN Manager

Recommendation

Apply the vendor fix in your normal patch cycle. Open any affected product above for its exact safe version.

Additional information