Bleeping Computer

Cisco warns of unpatched SD-WAN zero-day exploited in attacks

On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively exploited in attacks enabling root privilege escalation. The ...
Dark Reading

Cisco SD-WAN Zero-Day Under Exploitation for 3 Years

Cisco revealed today that a critical zero-day vulnerability in its Catalyst SD-WAN Controller has been exploited in the wild for "at least three years." The vulnerability, tracked as CVE-2026-20127, ...
Dark Reading

Fake PoCs, Misunderstood Risks Cause Cisco SD-WAN Chaos

Amid a stream of new vulnerabilities in Cisco's Catalyst SD-WAN Manager, some researchers are arguing that organizations have misplaced their focus, hyperfixating on one critical vulnerability with a ...
SDxCentral

CISA flags 3 exploited Cisco vulnerabilities for patching

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) listed three Cisco Catalyst SD-WAN Manager bugs as under exploit and setting a deadline to fix the issue. Two of the exploited flaws, ...
Bleeping Computer

Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks

Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks that allowed attackers to gain ...