CVE‑2026‑20182: Authentication Bypass in Cisco Catalyst SD‑WAN

Colleagues — FYI in cybersecurity: an authentication bypass in Cisco Catalyst SD‑WAN Controller (CVE‑2026‑20182) is being exploited in limited attacks.
- Rapid7 discovered the issue; Cisco has released updates.
- An attacker can bypass peering, obtain admin privileges and manipulate NETCONF/SD‑WAN configuration.
- Affects On‑Prem, Cloud‑Pro, Cisco‑Managed and FedRAMP deployments; exposed internet ports increase risk.
- Recommendation: urgently apply patches and inspect /var/log/auth.log for 'Accepted publickey for vmanage-admin' and any suspicious peering events.
Why this matters: it grants access to network configuration — risk of severe compromise.
What will you do in your network?
#cybersecurity #Cisco #SDWAN


Latest comments
No comments yet.