Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available

Cisco has disclosed CVE-2026-20245, a high-severity (CVSS 7.8) command-injection vulnerability in Catalyst SD-WAN Manager that is being actively exploited; an attacker with netadmin privileges can upload a crafted file to achieve root command execution. The advisory links this issue to recently exploited authentication-bypass flaws (CVE-2026-20182, CVE-2026-20127), provides example /var/log/scripts.log IoCs, warns Internet-exposed systems are at heightened risk, and notes no direct patch is yet available—customers are advised to apply fixes for related CVEs and monitor for indicators.