
Cloud Vulnerability DB
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
CVE-2025-23168 affects the Two-Factor Authentication (2FA) implementation of the Versa Director SD-WAN orchestration platform. The vulnerability, disclosed on June 18, 2025, concerns the platform's OTP-based second factor. An attacker who already holds a valid username and password can redirect delivery of the one-time code to a device they control, defeating the second factor and compromising the account (NVD CVE).
The vulnerability stems from multiple design flaws in the 2FA implementation: 1) the dispatch of 2FA codes accepts untrusted user input, so the OTP can be delivered to an attacker-chosen destination; 2) OTP/TOTP codes remain valid after use, so an observed or intercepted code can be replayed; 3) login attempts are not adequately rate-limited; and 4) OTP values are generated from a small keyspace, so guessing the code is feasible. NVD assigns a CVSS v3.1 Base Score of 6.3 (Medium) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L; the PR:L component reflects the requirement that the attacker already possess valid first-factor credentials (NVD CVE).
If exploited, this vulnerability allows an attacker holding a user's password to bypass 2FA and gain unauthorized access to the account. The redirection flaw defeats the second factor on its own, since the attacker simply receives the code. Even without redirection, the remaining three flaws compound each other: a code that stays valid after use can be replayed, the absence of a meaningful attempt limit lets the attacker submit guesses freely, and the small keyspace means those guesses cover the whole code space quickly, which makes brute-forcing the OTP practical (NVD CVE).
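The four flaw classes described above, as an added illustration for this entry rather than Versa Director's code (the vendor's actual implementation is not reproduced here): a deliberately weak OTP service exhibiting all four flaws next to a hardened counterpart that binds delivery to the enrolled contact, makes codes strictly single-use, caps attempts per challenge, expires challenges, and enlarges the keyspace. WeakOTPService, HardenedOTPService, the ENROLLED record, the phone numbers, and the 8-digit / 5-attempt / 300-second parameters are all constructed assumptions, not values taken from the advisory.

```python
"""Illustrative OTP verifier: the four flaw classes described for
CVE-2025-23168 side by side with a hardened counterpart.
Hypothetical code written for this entry; it is not Versa Director's
implementation, and every name, number and record below is constructed."""
import hmac
import secrets
import time
from dataclasses import dataclass

# Constructed enrolment record: the phone the user bound to 2FA at setup.
ENROLLED = {"alice": {"phone": "+15550100"}}


class WeakOTPService:
    """Exhibits the advisory's four flaws (constructed, not vendor code)."""

    def __init__(self):
        self.pending = {}   # username -> code currently valid
        self.sent = []      # (destination, code) pairs; stands in for an SMS gateway

    def send_code(self, username, destination):
        # Flaw 1: the delivery destination is taken from the request, so a
        # password-holding attacker can supply their own number.
        # Flaw 4: a 4-digit code gives only 10_000 possibilities.
        code = f"{secrets.randbelow(10_000):04d}"
        self.pending[username] = code
        self.sent.append((destination, code))

    def verify(self, username, code):
        # Flaw 2: a correct code is never invalidated, so it can be replayed.
        # Flaw 3: no attempt counter, so all 10_000 codes can be tried in turn.
        return self.pending.get(username) == code


@dataclass
class Challenge:
    code: str
    expires_at: float
    attempts: int = 0


class HardenedOTPService:
    """Counterpart that closes each of the four flaws."""
    DIGITS = 8          # 10**8 codes: far beyond the attempt budget below
    MAX_ATTEMPTS = 5    # then the challenge is discarded and must be re-issued
    TTL_SECONDS = 300.0

    def __init__(self, clock=time.monotonic):
        self.clock = clock      # injectable so expiry can be exercised offline
        self.pending = {}       # username -> Challenge
        self.sent = []

    def send_code(self, username):
        # Fix 1: the request carries no destination; it comes from enrolment only.
        destination = ENROLLED[username]["phone"]
        code = f"{secrets.randbelow(10 ** self.DIGITS):0{self.DIGITS}d}"
        self.pending[username] = Challenge(code, self.clock() + self.TTL_SECONDS)
        self.sent.append((destination, code))
        return destination

    def verify(self, username, code):
        challenge = self.pending.get(username)
        if challenge is None or self.clock() > challenge.expires_at:
            self.pending.pop(username, None)   # expired or never issued
            return False
        challenge.attempts += 1
        if challenge.attempts > self.MAX_ATTEMPTS:
            self.pending.pop(username, None)   # Fix 3: lock out after N guesses
            return False
        ok = hmac.compare_digest(challenge.code, code)  # constant-time compare
        if ok:
            self.pending.pop(username, None)   # Fix 2: strictly single use
        return ok


def guess_probability(digits, attempt_budget):
    """Chance of guessing a uniformly random `digits`-digit code within
    `attempt_budget` distinct tries; 1.0 means an exhaustive search fits."""
    keyspace = 10 ** digits
    return min(attempt_budget, keyspace) / keyspace


if __name__ == "__main__":
    weak = WeakOTPService()
    weak.send_code("alice", "+15550199")           # attacker's own number accepted
    print("weak: code delivered to", weak.sent[-1][0])
    code = weak.sent[-1][1]
    print("weak: first use", weak.verify("alice", code), "replay", weak.verify("alice", code))
    print("weak: P(guess within 10_000 tries) =", guess_probability(4, 10_000))
    hard = HardenedOTPService()
    print("hardened: code delivered to", hard.send_code("alice"))
    code = hard.sent[-1][1]
    print("hardened: first use", hard.verify("alice", code), "replay", hard.verify("alice", code))
    print("hardened: P(guess within 5 tries) =", guess_probability(8, 5))
```

guess_probability makes the fourth flaw concrete: with a 4-digit code and no lockout, an exhaustive search of 10,000 requests is certain to succeed, while the hardened parameters leave a five-attempt budget a 5 in 10^8 chance before the challenge is discarded. Both classes assume the first factor was already checked before a challenge is issued; that is exactly the position the advisory's attacker is in, which is why the second factor has to hold on its own.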
Versa Networks recommends upgrading Director to one of the remediated software versions. The following releases contain fixes for this vulnerability: 21.2.3, 22.1.2, 22.1.3, and 22.1.4 (Versa Support 21.2.3, Versa Support 22.1.2, Versa Support 22.1.3, Versa Support 22.1.4).
Source: This report was generated using AI