Affected Vendors This Week
- Cisco — 2 CVEs (1 Critical, 1 High)
- ASUS — 3 CVEs (3 Medium)
- TP-Link — 1 CVE (Unrated)
- BEC — 1 CVE (Medium)
This week brings a critical vulnerability in Cisco's SD-WAN infrastructure alongside a high-severity VPN denial-of-service issue affecting Meraki gateways. A collection of kernel-level vulnerabilities rounds out the week, with mixed applicability across router vendors.
Critical Priority
CVE-2024-45208 (CVSS 9.8) affects the Versa Director SD-WAN orchestration platform using Cisco NCS. The vulnerability exists in the High Availability communication channel between Active and Standby Directors over TCP ports 4566 and 4570. This critical flaw requires immediate patching for any organization running Versa Director in active-standby configurations. Check your Cisco NCS version and apply available patches without delay.
High Priority
CVE-2025-20271 (CVSS 8.6) impacts Cisco Meraki MX and Z Series Teleworker Gateway devices via the AnyConnect VPN server component. An unauthenticated remote attacker can trigger a denial-of-service condition. If your organization deploys Meraki gateways as remote access points, verify firmware versions and prioritize updates to restore service stability.
Medium Priority & Kernel Issues
Three medium-severity CVEs touch Linux kernel subsystems: CVE-2022-50062 (bgmac driver), CVE-2022-49960 (i915 graphics), and CVE-2025-38009 (mt76 WiFi driver). These affect ASUS and BEC devices but require kernel updates rather than router-specific patches. Additionally, CVE-2025-6151 targets TP-Link TL-WR940N V4 and TL-WR841N V11 routers with a buffer overflow in the WAN SLAAC configuration module—check for firmware updates from TP-Link.
Action items: Prioritize Cisco CVE-2024-45208 immediately, schedule Meraki updates for CVE-2025-20271, and review TP-Link firmware release notes for CVE-2025-6151 patches.