logo

Cisco Warns of Active Exploitation of Catalyst SD-WAN Flaw With No Patch Available

ID: e8443bd6-d963-50d4-b8c2-e07c123e1b18

STIX ID: report--e8443bd6-d963-50d4-b8c2-e07c123e1b18

Feed Name: The Cyber Express

Threat Score
90/100

Date Published: 2026-06-08

Date Updated: 2026-06-08

Author: Ashish Khaitan

...
...

Cisco has disclosed CVE-2026-20245, a high-severity CLI input-validation vulnerability in Catalyst SD-WAN Manager that permits authenticated netadmin users to execute arbitrary commands as root; the flaw carries a CVSS 3.1 base score of 7.8, is being actively exploited in the wild, and currently has no patch. Attackers are chaining this bug with two other CVEs to obtain initial access and escalate privileges, which can allow malicious configuration pushes to thousands of edge devices across enterprise, MSP, and carrier environments; Cisco recommends restricting CLI access, enabling MFA, limiting file uploads, monitoring logs, isolating the management plane, and applying the patch when released.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.