Cisco customers are facing another actively exploited zero-day, CVE-2026-20245, in Cisco Catalyst SD-WAN Manager, and no patch or workaround is currently available. Cisco said the flaw can let authenticated or local attackers execute commands as root, while earlier vulnerabilities such as CVE-2026-20182 and CVE-2026-20127 may have helped enable access. #CVE-2026-20245 #CiscoCatalystSDWANManager #CVE-2026-20182 #CVE-2026-20127 #Mandiant
Keypoints
- CVE-2026-20245 is Ciscoβs seventh actively exploited SD-WAN zero-day this year.
- The flaw affects Cisco Catalyst SD-WAN Manager and can lead to root-level command execution.
- Cisco says no patch or workaround is available yet.
- Exploitation appears to require valid credentials or prior privileged access.
- Cisco provided indicators of compromise and advised customers to contact TAC for help.
Read More: https://cyberscoop.com/cisco-sdwan-zero-day-vulnerability-exploited-cve202620245/