Cisco has warned that CVE-2026-20245, a high-severity flaw in Cisco Catalyst SD-WAN Manager, is being actively exploited and can let an authenticated local attacker execute arbitrary commands as root by uploading a crafted file. The issue affects multiple SD-WAN deployment types and has already been observed causing configuration changes on edge devices, with no patch or mitigation currently available. #Cisco #CatalystSDWANManager #CVE202620245 #UAT8616 #CVE202620182 #CVE202620127
Keypoints
- CVE-2026-20245 is actively exploited in Cisco Catalyst SD-WAN Manager.
- The flaw can enable root-level command execution through crafted file uploads.
- Attackers need netadmin privileges, possibly gained via authentication bypass bugs.
- Internet-exposed SD-WAN systems are at elevated risk of compromise.
- No patch or mitigation is currently available for CVE-2026-20245.
Read More: https://thehackernews.com/2026/06/cisco-catalyst-sd-wan-manager-cve-2026.html