logo

CVE-2026-20262: Cisco SD-WAN Manager Zero-Day Can Lead to Root Privilege Escalation

ID: edd4d76b-1e46-5c7d-88ef-31698ffaede1

STIX ID: report--edd4d76b-1e46-5c7d-88ef-31698ffaede1

Feed Name: SOC Prime Blog

Threat Score
85/100

Date Published: 2026-06-16

Date Updated: 2026-06-16

Author: SOC Prime Team

...
...

Cisco disclosed CVE-2026-20262, an arbitrary file-write flaw in Catalyst SD-WAN Manager (formerly SD‑WAN vManage) that allows authenticated attackers with write access to upload or overwrite files (notably JSP/WAR) and can be leveraged for root escalation; limited in-the-wild exploitation was confirmed and vendors provided fixed release versions and IOC/detection guidance including logfile locations and artifacts to audit.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.