CVE-2026-20182: CISA Adds Critical Cisco SD‑WAN Vulnerability to KEV

Colleagues, a cybersecurity alert: CISA added CVE‑2026‑20182 (Cisco Catalyst SD‑WAN) to the KEV list — critical (CVSS 10.0); federal agencies must remediate by 17 May 2026.
• Discovery: authentication bypass enabling unauthenticated remote admin access.
• Exploitation: Cisco Talos links activity to UAT‑8616 cluster; observed SSH key additions, NETCONF tampering and root escalation.
• Impact: web shells (XenShell, Godzilla, Behinder), cryptominers and credential theft.
• Actions: follow Cisco guidance — patch and isolate affected controllers.
Why it matters: the vulnerability chain permits full SD‑WAN compromise.
How will you respond?
#cybersecurity #vulnerability #SDWAN #CISA


Latest comments
No comments yet.