(Image: heise online) Attackers are actively exploiting a serious vulnerability in Cisco Catalyst SD-WAN Controllers. Security patches are now available. Due to a flaw in the authentication process of the Cisco Catalyst SD-WAN Controller, attackers are actively compromising the affected systems. Administrators are required to apply all available security patches immediately. In addition, Catalyst, the network equipment provider, has a dedicated SD-WAN Manager. With these two tools, administrators can primarily manage network processes and monitor specific parameters. Unauthorized Access. In a warning notice [1], the developers describe the actively exploited vulnerability (CVE-2026-20182) as “critical” and assign it the highest possible CVSS rating of 10 out of 10. It specifically deals with the peering authentication mechanism. Remote attackers are currently using pre-programmed requests to bypass authentication and obtain unauthorized access.
heise security News