CVSS Vector (NVD)
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Description (NVD)
The Versa Director SD-WAN orchestration platform makes use of the Cisco NCS application service. Active and Standby Directors communicate over TCP ports 4566 and 4570 to exchange High Availability (HA) information using a shared password. Affected versions of Versa Director bound to these ports on all interfaces. An attacker that can access the Versa Director could access the NCS service on port 4566 and exploit it to perform unauthorized administrative actions and perform remote code execution. Customers are recommended to follow the hardening guide.
Versa Networks is not aware of any reported instance where this vulnerability was exploited. Proof of concept for this vulnerability has been disclosed by third party security researchers.
Analysis (AI)
Critical remote code execution vulnerability in the Versa Director SD-WAN orchestration platform, affecting the Cisco NCS application service bound to TCP ports 4566 and 4570. An unauthenticated network attacker can exploit weak HA authentication mechanisms to gain unauthorized administrative access and execute arbitrary code; the CVSS score is 9.8. While no active exploitation has been confirmed, third-party proof-of-concept code has been publicly disclosed, significantly elevating real-world risk.
Technical Context (AI)
Versa Director implements High Availability (HA) clustering between Active and Standby Director instances, using shared password-based authentication over TCP ports 4566 and 4570 to synchronize HA state information. The vulnerability resides in the Cisco NCS (Network Control System) application service integrated within Versa Director. The root cause is CWE-284 (Improper Access Control), where authentication and authorization mechanisms fail to adequately protect the NCS service endpoints. The shared password mechanism and the binding to all interfaces (0.0.0.0) without network segmentation create an exploitable attack surface. An attacker with network access to these ports can bypass authentication, access the NCS service, and leverage administrative interfaces to execute arbitrary commands with system privileges.
Remediation (AI)
Immediate actions:
(1) Consult the official Versa Networks security advisory for patched version availability and deployment timeline.
(2) As an interim mitigation, implement network-level access controls restricting TCP ports 4566 and 4570 to authorized HA peer IP addresses only, and bind the NCS service to specific internal interface IPs rather than 0.0.0.0.
(3) Deploy firewall rules limiting access to these ports to trusted HA partner systems.
(4) If immediate patching is unavailable, isolate affected Versa Director instances on internal-only networks pending patch availability.
(5) Review HA password strength and consider forcing HA re-authentication post-incident.
The Versa Networks hardening guide (referenced in the description) should be consulted for defense-in-depth configuration. Once vendor patches are released, apply them immediately to all affected Versa Director instances. Verify patch deployment by confirming that access to the NCS service is restricted after the update.
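A check for the interim mitigation and the post-update verification above, as an added example that is not from the advisory or from Versa Networks: it parses `ss -H -ltn` output and flags listeners on TCP 4566 and 4570 that are bound to a wildcard address. It assumes a Linux host with iproute2 `ss`; the function names, the sample lines and the address 10.0.0.11 are constructed for illustration.

```shell
#!/bin/sh
# Added example (not vendor code). Assumes a Linux host with iproute2 `ss`.
HA_PORTS="4566 4570"   # HA ports named in the advisory

# Reads `ss -H -ltn` lines on stdin: State Recv-Q Send-Q Local:Port Peer:Port
# Prints "<port> <bind-address> EXPOSED|RESTRICTED" for each HA-port listener.
audit_ha_listeners() {
    awk -v ports="$HA_PORTS" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
        $1 == "LISTEN" {
            la = $4
            port = la; sub(/^.*:/, "", port)            # text after the last colon
            addr = substr(la, 1, length(la) - length(port) - 1)
            if (!(port in want)) next
            # Wildcard binds as printed by ss: 0.0.0.0, [::] and *
            if (addr == "0.0.0.0" || addr == "[::]" || addr == "*") verdict = "EXPOSED"
            else verdict = "RESTRICTED"
            print port, addr, verdict
        }'
}

# Exit status 0 when no HA port is bound to a wildcard address, 1 otherwise.
ha_ports_restricted() {
    ! audit_ha_listeners | grep -q ' EXPOSED$'
}

# Constructed sample of `ss -H -ltn` output (not captured from a real Director).
SAMPLE_SS='LISTEN 0 128 0.0.0.0:4566 0.0.0.0:*
LISTEN 0 128 10.0.0.11:4570 0.0.0.0:*
LISTEN 0 128 [::]:4570 [::]:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*'

printf '%s\n' "$SAMPLE_SS" | audit_ha_listeners
# On a live host: ss -H -ltn | audit_ha_listeners
```

A RESTRICTED result only describes the bind address; firewall rules limiting the ports to the HA peer still need to be checked separately.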
EUVD-2024-54691