CVE-2026-20127: Cisco Catalyst SD-WAN Controller/Manager Zero-Day Authentication Bypass Vulnerability Exploited in the Wild
ID: cb202b7a-6319-5522-85a4-bbf67e7cb781
STIX ID: report--cb202b7a-6319-5522-85a4-bbf67e7cb781
Feed Name: Tenable Blog
Threat Score
**Critical authentication bypass zero-day (CVE-2026-20127) in Cisco Catalyst SD‑WAN Controller and Manager is being exploited in the wild; immediate patching is recommended and multiple government agencies (including CISA and ASD) have issued alerts and hunting guidance, with Cisco Talos attributing active exploitation to threat actor UAT-8616.**
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.