Main Vulnerability Database Vulnerabilities #VU108826

OS Command Injection in Cisco SD-WAN vManage - CVE-2025-20213

Published: May 9, 2025

Vulnerability identifier: #VU108826

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2025-20213

CWE-ID: CWE-78

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Cisco Systems, Inc

Affected software:
Cisco SD-WAN vManage

Detailed vulnerability description

The vulnerability allows a local user to execute arbitrary shell commands on the target system.

The vulnerability exists due to improper access controls on files in the CLI. A local user can overwrite arbitrary files and execute arbitrary OS commands on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

How to mitigate CVE-2025-20213

Install updates from vendor's website.

Sources

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-fileoverwrite-Uc9tXWH

OS Command Injection in Cisco SD-WAN vManage - CVE-2025-20213

Detailed vulnerability description

How to mitigate CVE-2025-20213

Sources

Please verify you're human