Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
Cisco released updates for CVE-2026-20182, a maximum-severity authentication bypass in Catalyst SD-WAN Controller that enables unauthenticated remote admin access and NETCONF configuration changes.
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
Cisco released updates for CVE-2026-20182, a maximum-severity authentication bypass in Catalyst SD-WAN Controller that enables unauthenticated remote admin access and NETCONF configuration changes.
Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026
Cisco released patches for CVE-2026-20182, an exploited SD-WAN authentication bypass that can grant remote attackers admin privileges via crafted packets.
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
CVE-2026-20182 in Cisco Catalyst SD-WAN Controller enables unauthenticated remote authentication bypass and administrative access, added to CISA KEV with FCEB remediation by May 17, 2026.