CISA orders all federal agencies to patch exploited bug in Cisco SD-WAN systems by Sunday

CVE-2026-20182 is a critical (10/10) authentication-bypass vulnerability in Cisco SD-WAN that can allow unauthenticated remote attackers to obtain administrative privileges; Cisco has released a patch and CISA has issued emergency guidance requiring agencies to inventory affected systems, collect logs, hunt for compromise, and report findings. Rapid7 discovered the flaw while researching a related bug, exploitation has been observed in the wild, and analysts warn the vulnerability is attractive to nation-state actors seeking persistent access.