Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks
Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileges. […]
Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileges. […]
Executive leaders may not be saying it aloud, but business objectives and priorities don’t always promote timely disclosures.
Eine kritische Schwachstelle mit CVSS 10.0 in Cisco Secure Workload erlaubt unauthentifizierten Angreifern den Zugriff auf interne REST-APIs. Über manipulierte Anfragen lassen sich Site-Admin-Rechte erlangen und Konfigurationen über Mandantengrenzen hinweg verändern. Patches sind verfügbar, SaaS-Installationen hat Cisco bereits serverseitig korrigiert.

Watch on YouTube https://www.youtube.com/watch?v=2azHckVskU4
Cisco has disclosed a seventh SD-WAN zero-day exploited in 2026, tracked as CVE-2026-20245. The flaw affects the command-line interface of Cisco Catalyst SD-WAN Manager and can allow an authenticated remote attacker with netadmin privileges to execute arbitrary commands as root by uploading a crafted file. Cisco says exploitation has already been observed in limited cases, […]
Cisco warnt vor neuer attackierter SD-WAN-SicherheitslückeAlertheise Security Quelle: Heise Security Ticker
CVE-2026-20230: Cisco Unified CM WebDialer SSRF Can Lead to Root-Level Compromise Cisco has released fixes for CVE-2026-20230, an unauthenticated remote vulnerability affecting Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (SME). The flaw is an SSRF issue that can be chained into an arbitrary file write on the underlying operating system, […]
On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively exploited in attacks enabling root privilege escalation. […]
The vulnerability is tracked as CVE-2026-20245 and it can allow arbitrary command execution as root, but no patch yet. The post Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026 appeared first on SecurityWeek.
Cisco has released security updates to patch a critical-severity Unified Communications Manager (Unified CM) flaw that allows attackers to gain root privileges. […]