Cisco warned that a new zero-day, CVE-2026-20262, is being exploited in limited attacks against Catalyst SD-WAN Manager. The flaw allows arbitrary file writes through crafted HTTP requests and could be used to elevate privileges, prompting CISA to add it to the KEV catalog. #Cisco #CatalystSDWANManager #CVE-2026-20262 #CISA #KEV
Keypoints
- Cisco disclosed exploitation of CVE-2026-20262 in Catalyst SD-WAN Manager.
- The flaw allows attackers to write or overwrite files on the underlying operating system.
- Attackers need valid credentials with at least write access to exploit it.
- Cisco said the vulnerability was found internally and was exploited in June 2026.
- CISA added CVE-2026-20262 to its Known Exploited Vulnerabilities catalog.
Read More: https://www.securityweek.com/cisco-patches-another-sd-wan-zero-day-exploited-in-attacks/