CVE-2026-20262: Cisco SD-WAN Manager Zero-Day Can Lead to Root Privilege Escalation
ID: edd4d76b-1e46-5c7d-88ef-31698ffaede1
STIX ID: report--edd4d76b-1e46-5c7d-88ef-31698ffaede1
Feed Name: SOC Prime Blog
Threat Score
Cisco disclosed CVE-2026-20262, an arbitrary file-write flaw in Catalyst SD-WAN Manager (formerly SD‑WAN vManage) that allows authenticated attackers with write access to upload or overwrite files (notably JSP/WAR) and can be leveraged for root escalation; limited in-the-wild exploitation was confirmed and vendors provided fixed release versions and IOC/detection guidance including logfile locations and artifacts to audit.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
