FeedVulnerabilityCisco Catalyst SD-WAN Controller 0-Day Actively Exploited to...
VulnerabilityCyber Security News
10.0CRITICAL

Cisco Catalyst SD-WAN Controller 0-Day Actively Exploited to Gain Admin Access

📅 15 May 2026 at 02:30 UTC📰 Cyber Security NewsView original source ↗

A maximum-severity zero-day vulnerability in Cisco Catalyst SD-WAN Controller is being actively exploited in the wild, allowing unauthenticated remote attackers to fully bypass authentication and seize administrative control of enterprise network infrastructure. Tracked as CVE-2026-20182 with a CVSS score of 10.0, the flaw puts SD-WAN deployments across on-premises, cloud, and government environments at critical risk. […] The post Cisco Catalyst SD-WAN Controller 0-Day Actively Exploited to Gain Admin Access appeared first on Cyber Security News.

🤖 AI BriefingAuto-generated threat analysis
🔍Threat Overview

A maximum-severity zero-day vulnerability in Cisco Catalyst SD-WAN Controller is being actively exploited, allowing unauthenticated remote attackers to gain admin access to enterprise network infrastructure.

⚙️Technical Details
Affected Systems
Cisco Catalyst Sd-Wan ManagerCisco Sd-Wan Vsmart Controller
Attack Vectors
NETWORK
💥Impact Assessment
Severity: CRITICAL
🛡️Recommended Actions
1Immediately update the affected software to the latest patch version.
2Enable multi-factor authentication for administrative access to SD-WAN Controller.
3Conduct a thorough network security audit to identify and remediate any potential vulnerabilities.
📦Affected Products
Cisco Catalyst Sd-Wan ManagerCisco Sd-Wan Vsmart Controller
🔐NVD Verified DataVERIFIED
CVE-2026-20182CVSS 10CRITICAL
Attack Vector
NETWORK
Complexity
LOW
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Weaknesses
CWE-287
Affected Products (CPE)
Cisco Catalyst Sd-Wan ManagerCisco Sd-Wan Vsmart Controller

Read the full article

This is a curated summary. The complete article is available at Cyber Security News.

Read on Cyber Security News
← Back to feed