CVE-2025-20157

Q: What is the severity of CVE-2025-20157?

CVE-2025-20157 has a CVSS score of 5.9 (MEDIUM). An improper certificate validation vulnerability in Cisco Catalyst SD-WAN Manager (formerly vManage) allows attackers to intercept Smart Licensing traffic and steal sensitive credentials. Unauthenticated remote attackers with privileged network positions can exploit this to access credentials used for Cisco cloud services. Organizations using affected versions of Cisco Catalyst SD-WAN Manager are vulnerable.

5.9 MEDIUM

📋 TL;DR

An improper certificate validation vulnerability in Cisco Catalyst SD-WAN Manager (formerly vManage) allows attackers to intercept Smart Licensing traffic and steal sensitive credentials. Unauthenticated remote attackers with privileged network positions can exploit this to access credentials used for Cisco cloud services. Organizations using affected versions of Cisco Catalyst SD-WAN Manager are vulnerable.

💻 Affected Systems

Products:

Cisco Catalyst SD-WAN Manager (formerly Cisco SD-WAN vManage)

Versions: Versions prior to the fixed release

Operating Systems: Cisco-specific OS

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects systems using Smart Licensing feature with certificate validation enabled.

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco

Catalyst Sd Wan Manager by Cisco