Hackers are exploiting exposed Cisco products, Five Eyes intelligence agencies say

CISA, NSA and Five Eyes warn of active global exploitation of critical Cisco SD‑WAN vulnerabilities (CVE‑2026‑20127 and CVE‑2022‑20775) by a sophisticated actor identified by Cisco as UAT‑8616; exploits can provide root privileges on affected devices. Cisco and partner agencies released advisories, patches and a hunt guide and urged immediate mitigation, log preservation and network checks because federal and enterprise networks are at risk.