Versa Networks has released an advisory for a vulnerability (CVE-2024-39717) in Versa Director, a key component in managing SD-WAN networks, used by some Internet Service Providers (ISPs) and Managed Service Providers (MSPs). A cyber threat actor could exploit this vulnerability to take control of an affected system.
CISA urges organizations to apply necessary updates, hunt for any malicious activity, report any positive findings to CISA, and review the following for more information:
CISA has added this vulnerability to its Known Exploited Vulnerabilities Catalog based on evidence of active exploitation.