CVE-2026-20245 in Cisco SD‑WAN Manager: Active Exploitation, No Patch

Colleagues, a heads‑up for cybersecurity teams: active exploitation of CVE‑2026‑20245 in Cisco SD‑WAN Manager has been observed.
- A CLI parsing flaw allows command injection via a specially crafted file, yielding root access (CVSS 7.8).
- Exploitation requires netadmin privileges (valid credentials or prior compromise via CVE‑2026‑20182/20127). No patch available.
- Affected: on‑prem, Cloud‑Pro, Cisco‑Managed and government deployments.
Recommended actions: implement mitigations for CVE‑2026‑20182, restrict internet exposure, and inspect /var/log/scripts.log for suspicious activity.
Why this matters: internet‑accessible installations face heightened compromise risk.
What steps will you take?
#cybersecurity #SDWAN #Cisco #vulnerabilities


Latest comments
No comments yet.