Cisco SD-WAN Zero-Day Exploited Since May—CVSS 10.0
CVE-2026-20182 allows unauthenticated attackers to inject rogue peers into Cisco SD-WAN fabrics. Active exploitation since May; no workaround available—patch immediately.
9 articles tagged with "Sd Wan"
CVE-2026-20182 allows unauthenticated attackers to inject rogue peers into Cisco SD-WAN fabrics. Active exploitation since May; no workaround available—patch immediately.
CVE-2026-20262 joins CVE-2026-20245 on CISA's exploited vulnerabilities list. Attackers deploy malicious .war files via path traversal to gain root access on Catalyst SD-WAN Manager.
CVE-2026-20245 lets attackers with netadmin credentials execute arbitrary commands as root on Cisco Catalyst SD-WAN Manager. Active exploitation confirmed, no fix available yet.
CVE-2026-20182 lets unauthenticated attackers gain admin access to Cisco Catalyst SD-WAN controllers. CISA adds to KEV with federal deadline. Here's what you need to know.
CVE-2026-20182 allows unauthenticated attackers to gain admin access to Cisco Catalyst SD-WAN controllers. CISA added it to the KEV catalog after confirmed exploitation.
Cisco confirms active exploitation of two more SD-WAN Manager vulnerabilities. Attackers deploying web shells through arbitrary file overwrite and credential exposure flaws.
Cisco confirmed CVE-2026-20122 and CVE-2026-20128 in Catalyst SD-WAN Manager are under active exploitation, with attackers deploying web shells globally.
CVE-2026-20127 gives attackers full admin access to Cisco SD-WAN infrastructure. CISA emergency directive requires federal patches by Feb 27.
CVE-2025-54322 enables unauthenticated root RCE on SD-WAN appliances and edge routers. Vendor has ignored seven months of disclosure attempts. No patch available.