CISA warned federal agencies to patch CVE-2026-20182 in Cisco SD-WAN systems by Sunday after exploitation was observed and a 10/10 severity flaw was confirmed. The vulnerability lets a remote attacker bypass authentication and gain administrative privileges, echoing a February campaign previously linked to active exploitation and emergency directives. #CVE-2026-20182 #CiscoSDWAN #CISA #Rapid7
Keypoints
- CISA set a Sunday deadline for federal agencies to patch CVE-2026-20182.
- The flaw affects Cisco SD-WAN systems and can grant admin access remotely.
- Cisco said exploitation of the vulnerability was observed this month.
- Rapid7 discovered the bug while investigating a related earlier issue.
- CISA urged agencies to follow February emergency guidance and hunt for compromise.
Read More: https://therecord.media/cisa-orders-all-federal-agencies-to-patch-cisco-sd-wan-bug