Cisco Catalyst SD-WAN Manager
Coverage of Cisco Catalyst SD-WAN Manager in the Nexus archive.
- Cisco customers encounter another SD-WAN zero-day under attack
Cisco customers are facing another actively exploited zero-day vulnerability (CVE-2026-20245) in its SD-WAN management software, marking the seventh such exploit this year. The flaw allows authenticated attackers to execute commands as root, but Cisco warns no patch or workaround is currently available, and exploitation requires existing credentials or prior vulnerabilities.
- Cisco warns of unpatched SD-WAN zero-day exploited in attacks
Cisco warned of a high-severity unpatched zero-day vulnerability in its Cisco Catalyst SD-WAN Manager (CVE-2026-20245) that is currently being exploited in attacks to enable root privilege escalation.
- Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
Cisco released updates to address a severe authentication bypass flaw in Catalyst SD-WAN Controller, which has been exploited in limited attacks, carrying a CVSS score of 10.0. The vulnerability is tracked as CVE-2026-20182 and affects Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager.
- More Cisco SD-WAN bugs battered in attacks
CISA has issued an urgent warning that three vulnerabilities in Cisco Catalyst SD-WAN Manager are actively exploited in attacks, giving federal agencies four days to apply patches. The agency emphasizes the critical nature of the flaws, which could allow attackers to compromise network security.
- CISA Adds 8 Exploited Flaws to KEV, Sets April-May 2026 Federal Deadlines
CISA added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including three flaws in Cisco Catalyst SD-WAN Manager actively exploited in the wild. The agency set federal deadlines for remediation between April and May 2026, with CVE-2023-27351 highlighted as a high-severity authentication flaw in PaperCut.