Cisco SD-WAN Has a New Root-Level Problem, and There’s No Fix Yet

**Cisco SD-WAN CVE-2026-20245:** Cisco warns of a command-injection file-upload vulnerability in Cisco Catalyst SD-WAN Manager that can allow an authenticated netadmin to execute arbitrary commands as root; there is no available patch or workaround, detection guidance points to `/var/log/scripts.log` entries referencing `vconfd_script_upload_tenant_list.sh`, and compromised systems require TAC-assisted remediation rather than just applying updates.