Cisco Catalyst SD-WAN Manager vulnerability CVE-2026-20245 is under active exploitation and has a CVSS score of 7.8.
Ravie LakshmananJun 06, 2026Vulnerability / Network Security
Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has come under active exploitation.
The vulnerability, tracked as CVE-2026-20245, carries a CVSS score of 7.8 out of a maximum of 10.0. It affects the following deployment types -
On-Prem Deployment
Cisco SD-WAN Cloud-Pro
Cisco warns of unpatched SD-WAN zero-day exploited in attacks
Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026
Cisco Warns of Available PoC for Critical Unified CM Vulnerability
Cisco warnt vor neuer attackierter SD-WAN-Sicherheitslücke
Cisco warns of critical Unified CM flaw with PoC exploit code
Palo Alto VPN bug graduates from advisory to active exploitation
Recent Palo Alto Networks Vulnerability Exploited for Weeks
Critical Windows Netlogon Vulnerability in Attackers’ Crosshairs
Check Point VPN Flaw Exploited Since Early May
Cisco stopft kritische Lücke in Unified CM und mehr
On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245)…
Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively…
Cisco informed customers about CVE-2026-20245, the seventh SD-WAN product vulnerability exploited in the wild in 2026.
CVE-2026-20182 bypasses Cisco SD-WAN auth via DTLS port 12346, enabling admin access after May 2026 exploitation.
CISA added CVE-2026-20182, a CVSS 10.0 Cisco Catalyst SD-WAN Controller authentication bypass flaw, to its KEV catalog.
This is the second time this year a threat actor has leveraged a CVSS 10.0 vulnerability in Cisco's network control system.
