The Cisco vulnerability CVE-2026-20230 (CVSS 8.6) is being actively exploited weeks after patch release in June and enables root access through SSRF and file operations.
Root access to Cisco Catalyst SD-WAN Manager via unvalidated file uploads enables network-wide control plane vulnerability with impact on branch availability, segmentation, and business continuity.
An unpatched command injection vulnerability in SD-WAN Manager is being actively exploited, requiring immediate measures to close authentication gaps and monitor logs.
CVE-2026-20245 in Cisco SD-WAN Manager is actively being exploited and requires local authentication and netadmin privileges, but can be chained with exploits of older authentication bypass vulnerabilities.