A 0-day privilege escalation vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager is being leveraged by attackers. Cisco has not yet patched this critical flaw. Attackers require netadmin privileges on the affected system to exploit it. This typically necessitates valid credentials or prior exploitation of other vulnerabilities. Specifically, CVE-2026-20182 or CVE-2026-20127 could be used.
A 0-day privilege escalation vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager is being leveraged by attackers. Cisco has not yet patched this critical flaw. Attackers require netadmin privileges on the affected system to exploit it. This typically necessitates valid credentials or prior exploitation of other vulnerabilities.
Specifically, CVE-2026-20182 or CVE-2026-20127 could be used. Cisco stated on Thursday that it is not aware of successful exploitation through other methods. The company has observed only limited cases of this vulnerability being exploited in the wild.