Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks

Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was ...
The Hacker News

Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access

CVE-2026-20182 bypasses Cisco SD-WAN auth via DTLS port 12346, enabling admin access after May 2026 exploitation.
Network World

Cisco warns of an actively exploited SD-WAN flaw with max severity

The authentication bypass bug (CVE-2026-20182) in Catalyst SD-WAN gives remote attackers admin access, with no workaround ...
Morning Overview on MSN

Cisco’s sixth SD-WAN zero-day of 2026 gives remote attackers admin access through an authentication bypass — CISA confirms active exploitation

A remote attacker with no valid credentials can now seize full administrative control of certain Cisco SD-WAN devices, and ...
Morning Overview on MSN

A Cisco flaw rated 10 out of 10 gives hackers admin access to SD-WAN controllers across entire networks — CISA says it’s already being exploited

A vulnerability carrying the highest possible severity score – tracked as CVE-2025-20188 – is being actively exploited in ...

Patch time for Cisco SD-WAN admins as vendor drops yet another make-me-admin zero-day

Cisco admins face emergency patch duty after Switchzilla disclosed a max-severity make-me-admin bug affecting Catalyst SD-WAN ...
Dark Reading

Maximum Severity Cisco SD-WAN Bug Exploited in the Wild

This is the second time this year a threat actor has leveraged a CVSS 10.0 vulnerability in Cisco's network control system.

Cisco Webex SSO flaw needs manual certificate update to fix

The cloud-based Webex service has already been patched, but admins must replace an identity provider certificate in Webex Control Hub to complete the fix.