Bleeping Computer

Cisco warns of unpatched SD-WAN zero-day exploited in attacks

On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively exploited in attacks enabling root privilege escalation. The ...
SDxCentral

Cisco's SD-WAN nightmare continues with fresh root access vulnerability

Customers urged to audit logs and preserve evidence as flaw allows attackers to gain root access by uploading crafted files ...
Dark Reading

Fake PoCs, Misunderstood Risks Cause Cisco SD-WAN Chaos

Amid a stream of new vulnerabilities in Cisco's Catalyst SD-WAN Manager, some researchers are arguing that organizations have misplaced their focus, hyperfixating on one critical vulnerability with a ...
Dark Reading

Cisco SD-WAN Zero-Day Under Exploitation for 3 Years

Cisco revealed today that a critical zero-day vulnerability in its Catalyst SD-WAN Controller has been exploited in the wild for "at least three years." The vulnerability, tracked as CVE-2026-20127, ...
SDxCentral

CISA flags 3 exploited Cisco vulnerabilities for patching

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed three Cisco Catalyst SD-WAN Manager bugs as under exploit and setting a deadline to fix the issue. Two of the exploited flaws, ...
Bleeping Computer

Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks

Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks that allowed attackers to gain ...