Skip to content

Cisco Catalyst SD-WAN Manager: CVE-2026-20245 Actively Exploited

The Point: Cisco Catalyst SD-WAN Manager is actively attacked via CVE-2026-20245; patches do not yet exist.

Cisco warns of a critical security vulnerability in Catalyst SD-WAN Manager (CVE-2026-20245, CVSS 7.8) that is currently being actively exploited. Patches are not available at this time.

The vulnerability CVE-2026-20245 affects multiple deployment types: on-premise installations, Cisco SD-WAN Cloud Pro, Cisco SD-WAN Cloud (Cisco-managed), and Cisco SD-WAN for Government (FedRAMP). With a CVSS score of 7.8, it is classified as highly critical.

For CISOs, this means that environments based on Cisco SD-WAN Manager must be reviewed immediately. SD-WAN is often central to network architecture and connectivity for critical business processes. Active exploitation demonstrates that attackers are already employing exploits.

Since no patch is currently available, organizations should contact Cisco immediately to clarify mitigation strategies—such as network segmentation, access restrictions, or temporary disabling of exposed features until an update becomes available.


Source: thehackernews.com · Published June 6, 2026
Lumi AI News — AI-assisted curation pursuant to Art. 50 EU AI Act. Paraphrase and classification by Lumi News Pipeline v1.6.5.

Share on: