Cisco Catalyst SD-WAN Manager Certificate Validation Vulnerability

A vulnerability in certificate validation processing of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to gain access to sensitive information.<br><br>
This vulnerability is due to improper validation of certificates that are used by the Smart Licensing feature. An attacker with a privileged network position could exploit this vulnerability by intercepting traffic that is sent over the Internet. A successful exploit could allow the attacker to gain access to sensitive information, including credentials used by the device to connect to Cisco cloud services.<br><br>

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br>
This advisory is available at the following link:<br><a href=”https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catalyst-tls-PqnD5KEJ”>https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catalyst-tls-PqnD5KEJ</a><br><br>

<br/>Security Impact Rating: Medium

<br/>CVE: CVE-2025-20157Cisco Security AdvisoryRead More