Cisco SD-WAN Manager zero-day (CVE-2026-20245) actively exploited with no patch available
By
Jessica Lyons
1mo ago· 3 min readenNews
Summary
Cisco has disclosed a high-severity zero-day vulnerability (CVE-2026-20245) in its Catalyst SD-WAN Manager software that is actively being exploited by attackers. The flaw stems from improper validation of user-supplied input, allowing authenticated local attackers to exploit the system. Cisco issued an advisory but has not provided a timeline for a patch, leaving systems vulnerable.
Source
Key quotes
· 3 pulledThe threat is real. Unknown miscreants are exploiting a high-severity, zero-day bug in Cisco's SD-WAN management software, and the networking giant hasn't said when it will patch the flaw.
Cisco issued an advisory on Thursday for the Catalyst SD-WAN Manager vulnerability, tracked as CVE-2026-20245, and it sounds like attackers have been exploiting this security failure for at least the last week.
It's due to a validation error - the software fails to properly validate user-supplied input - and an authenticated, local attacker can exploit the
Good luck, sys admins
You might also wanna read
Cisco discloses actively exploited zero-day affecting up to 2 million IOS and IOS XE devices
Cisco disclosed an actively exploited zero-day vulnerability (CVE-2025-20352) affecting all supported versions of Cisco IOS and IOS XE, pote
arstechnica.com·9mo ago
WAF - WAF Release - 2025-09-28 - Emergency
Cloudflare·9mo ago

WAF - WAF Release - 2025-11-21
Cloudflare·7mo ago

WAF - WAF Release - 2025-10-07 - Emergency
Cloudflare·9mo ago
Critical FreePBX Zero-Day Vulnerability CVE-2025-57819 Exposed and Exploited
A critical zero-day vulnerability (CVE-2025-57819) has been discovered in FreePBX, a popular open-source PBX system. The article details how
labs.watchtowr.com·10mo agoMicrosoft SharePoint Under Active Exploitation, Warns CISA
Packetlabs·11mo ago

Comments
Sign in to join the conversation.
No comments yet. Be the first.