Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks

Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was ...
Morning Overview on MSN

Cisco’s sixth SD-WAN zero-day of 2026 gives remote attackers admin access through an authentication bypass — CISA confirms active exploitation

A remote attacker with no valid credentials can now seize full administrative control of certain Cisco SD-WAN devices, and ...
CSO Online

Cisco warns of an actively exploited SD-WAN flaw with max severity

The authentication bypass bug (CVE-2026-20182) in Catalyst SD-WAN gives remote attackers admin access, with no workaround ...
The Hacker News

Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access

CVE-2026-20182 bypasses Cisco SD-WAN auth via DTLS port 12346, enabling admin access after May 2026 exploitation.
The Hacker News

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits

CISA added CVE-2026-20182, a CVSS 10.0 Cisco Catalyst SD-WAN Controller authentication bypass flaw, to its KEV catalog.
SecurityWeek

Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026

Cisco has patched yet another critical SD-WAN zero-day vulnerability, the sixth SD-WAN flaw whose exploitation came to light ...

Agent authorization is broken — and authentication passing makes it worse

Cisco's top security officer confirms rogue agent incidents are already happening. The failure isn't identity — it's ...