Attacker exploited Cisco SD-WAN zero-day to gain root access at communications provider
By Tim Starks
Summary
An attacker exploited a previously unknown Cisco zero-day vulnerability in the company's SD-WAN software earlier this year to infiltrate a communications service provider and gain root-level (highest) access. Cisco has since patched the flaw, which was one of seven actively exploited zero-days in its SD-WAN software this year. Mandiant, the Google-owned cybersecurity firm, disclosed the incident, noting the attacker gained the highest level of access possible on the targeted network.
Key quotes
An attacker exploited a previously unknown and unpatched Cisco vulnerability earlier this year to infiltrate a communications service provider and gain the highest level of access possible
Cisco has since patched the flaw, one of seven actively exploited zero-day vulnerabilities this year in its SD-WAN software
