A vulnerability affecting Cisco Catalyst SD-WAN Controller has drawn urgent attention after Cisco, Rapid7, and CISA confirmed active exploitation. CVE-2026-20182 is a critical authentication bypass flaw in Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager that carries a CVSS 10.0 score and can let an unauthenticated remote attacker gain administrative privileges on an affected…
Tag: SDWAN
AI, Exploits, Global Security News
Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182)
Cisco has patched yet another Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) that has been exploited as a zero-day by “a highly sophisticated cyber threat actor”. About CVE-2026-20182 CVE-2026-20182 – affecting both Cisco Catalyst SD-WAN Controller (the “brain” of the Cisco Catalyst SD-WAN solution) and Cisco Catalyst SD-WAN Manager (the management plane for the entire…
AI, Cybersecurity, Exploits, Global Security News, Network Security
Cisco warns of an actively exploited SD-WAN flaw with max severity
Cisco has disclosed a max-severity authentication bypass vulnerability affecting its Catalyst SD-WAN Controller and Catalyst SD-WAN Manager platforms, warning that the flaw has already been found to be exploited in the wild. The disclosure follows an earlier authentication bypass vulnerability that Cisco patched in February. In the latest advisory, the company said the new flaw…
AI, Exploits, Global Security News
Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks
Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks that allowed attackers to gain administrative privileges on compromised devices. […]
AI, Exploits, Global Security News
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited attacks. The vulnerability, tracked as CVE-2026-20182, carries a CVSS score of 10.0. “A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly
AI, Global Security News, Network Security
AI-Ready, Simpler, and More Secure WAN: Cisco SD-WAN Innovations
Explore what’s new in Cisco Catalyst SD-WAN 26.1.1, simplifying SASE adoption, enabling AI-ready networking, and streamlining operations.
Global Security News, Risk Management
Fake PoCs, Misunderstood Risks Cause Cisco SD-WAN Chaos
The excitement around Cisco’s latest SD-WAN bugs has inspired some light fraud, misunderstandings, and overlooked risks.
Global Security News, Network Security
US Agencies Face CISA Deadline Over Critical Cisco SD-WAN Flaw
US agencies race to meet a CISA deadline after a critical Cisco SD-WAN Flaw exposed federal networks to long-term intrusion and forced security action.
Exploits, Global Security News, Network Security
CISA Issues Emergency Directive Over Exploited Cisco SD-WAN Flaws
CISA issued urgent directive as attackers exploit Cisco SD-WAN flaw granting admin access to networks
Global Security News
Cisco Catalyst SD-WAN with Integrated NGFW Certified by Orange Business to Deliver Complete Branch Security
Orange Business certifies Cisco Catalyst SD-WAN integrated NGFW capabilities, enabling secure, simplified branch protection through a unified SD-WAN architecture for managed services.
AI, Exploits, Global Security News, Network Security, Risk Management
Cisco flags ongoing exploitation of two recently patched Catalyst SD-WAN flaws
Cisco warns that two recently patched Catalyst SD-WAN flaws, CVE-2026-20128 and CVE-2026-20122, are already being actively exploited in the wild. Cisco warned customers that threat actors are actively exploiting two recently patched Catalyst SD-WAN vulnerabilities, CVE-2026-20128 and CVE-2026-20122. The networking giant urged organizations to apply the latest security updates to reduce the risk of compromise.…
Exploits, Global Security News
Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities
Cisco has disclosed that two more vulnerabilities affecting Catalyst SD-WAN Manager (formerly SD-WAN vManage) have come under active exploitation in the wild. The vulnerabilities in question are listed below – CVE-2026-20122 (CVSS score: 7.1) – An arbitrary file overwrite vulnerability that could allow an authenticated, remote attacker to overwrite arbitrary files on the local file…
AI, Exploits, Global Security News
Cisco warns of SD-WAN Manager exploitation, fixes 48 firewall vulnerabilities
Cisco has confirmed that two Catalyst SD-WAN Manager vulnerabilities (CVE-2026-20128 and CVE-2026-20122) patched in late February 2025 are being exploited by attackers. The exploited vulnerabilities (CVE-2026-20128, CVE-2026-20122) CVE-2026-20128 is a bug in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager, which could allow an authenticated, local attacker to gain DCA user privileges…
Exploits, Global Security News
Cisco flags more SD-WAN flaws as actively exploited in attacks
Cisco has flagged two more Catalyst SD-WAN Manager security flaws as actively exploited in the wild, urging administrators to upgrade vulnerable devices. […]
AI, APAC, Cloud Security, Compliance, Cybersecurity, Data Breaches, Exploits, Global Security News, Government & Policy, Network Security, privacy, Risk Management, Russia
Zero-Days, Data Breaches, and AI Risks Define This Week’s Cybersecurity Landscape
Major Threats & Vulnerabilities Zero-Day Exploits and Critical CVEs Cisco SD-WAN Zero-Day Grants Root Access has been actively exploited since 2023, allowing attackers to bypass authentication and gain root privileges. Cisco urges administrators to patch immediately, secure management planes, and monitor for rogue peers. ServiceNow AI Platform Vulnerability could allow unauthenticated remote code execution through…
AI, Data Breaches, Exploits, Global Security News, Network Security, Risk Management
Cisco SD-WAN Zero-Day Actively Exploited to Gain Root Access
A zero-day vulnerability in Cisco Catalyst SD-WAN products has been actively exploited since at least 2023, allowing attackers to bypass authentication and ultimately gain root access in targeted environments. This flaw affects core control-plane components and has been linked to a sophisticated threat actor cluster known as UAT-8616. “The Cisco Catalyst SD-WAN zero-day, which is…
AI, Cybersecurity, Exploits, Global Security News, Network Security, Risk Management
U.S. CISA adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco SD-WAN flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added two Cisco SD-WAN flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog: CVE-2022-20775 Cisco Catalyst SD-WAN Path Traversal Vulnerability CVE-2026-20127 Cisco Catalyst SD-WAN Controller and Manager Authentication…
AI, Exploits, Global Security News, Network Security, Risk Management
Hackers abused Cisco SD-WAN zero-day since 2023 to gain full admin control
Cisco SD-WAN vulnerability CVE-2026-20127 has been exploited since 2023 to gain unauthenticated admin access. A critical Cisco SD-WAN vulnerability, tracked as CVE-2026-20127 (CVSS score of 10.0), has been actively exploited since 2023. The flaw affects Catalyst SD-WAN Controller and Manager and allows remote, unauthenticated attackers to bypass authentication and gain full administrative access by sending…
Exploits, Global Security News
Global Cyber Agencies Urge Immediate Patching of Cisco SD-WAN Zero Day
The US and allies are urging Cisco Catalyst SD-WAN customers to hunt for signs of exploitation
AI, Exploits, Global Security News
Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access
A newly disclosed maximum-severity security flaw in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage) has come under active exploitation in the wild as part of malicious activity that dates back to 2023. The vulnerability, tracked as CVE-2026-20127 (CVSS score: 10.0), allows an unauthenticated remote attacker to bypass authentication and obtain
Global Security News
Cisco SD-WAN vulnerabilities (CVE-2026-20127, CVE-2022-20775) in active exploitation
Categories: Threat Research Tags: advisory, vulnerability, SD-WAN
Exploits, Global Security News, Network Security
Critical Cisco SD-WAN bug exploited in zero-day attacks since 2023
Cisco is warning that a critical authentication bypass vulnerability in Cisco Catalyst SD-WAN, tracked as CVE-2026-20127, was actively exploited in zero-day attacks that allowed remote attackers to compromise controllers and add malicious rogue peers to targeted networks. […]