Find notable cyber news and cases, enriched with sources, timelines, and signals.

CISA Emergency Directive 26-03 for Cisco SD-WAN

Public Sector Action
First reported
Last updated
Happening score
H score 34
2 unique sources, 2 articles

Summary

Hide ▲

CISA issued Emergency Directive 26-03 and supplemental guidance to force immediate remediation of Cisco SD-WAN vulnerabilities across Federal Civilian Executive Branch (FCEB) agencies. The directive says the flaws pose an unacceptable risk to federal networks and require immediate action. Agencies must inventory in-scope systems, collect logs and snapshots, patch CVE-2026-20127 and CVE-2022-20775, and hunt for compromise. CISA also said it will monitor compliance and provide technical assistance.

Related Happenings

Cisco Catalyst SD-WAN unauthorized peering and SSH access campaign

Campaign
H score38 First: 25.06.2026 17:15 Last: 25.06.2026 17:15 Sources 1

About this happening: An active **campaign** used **unauthorized peering connections** and **SSH access** to maintain footholds inside a **service provider's Cisco Catalyst SD-WAN** environment, increa...

CISA KEV order for FCEB agencies on LiteSpeed cPanel flaw

Public Sector Action
H score36 First: 16.06.2026 13:47 Last: 16.06.2026 13:47 Sources 1

About this happening: **CISA** added the **LiteSpeed cPanel user-end plugin** flaw to **KEV** and ordered **Federal Civilian Executive Branch agencies** to secure systems within **three days** under **...

CISA adds CVE-2026-20262 to KEV and orders federal fixes

Public Sector Action
H score32 First: 16.06.2026 09:05 Last: 16.06.2026 09:05 Sources 1

About this happening: **CISA** added **CVE-2026-20262** to its **Known Exploited Vulnerabilities (KEV) catalog** and required **Federal Civilian Executive Branch (FCEB)** agencies to apply Cisco's fixe...

CISA BOD 26-04 remediation requirements

Advisory/Mitigation
H score31 First: 11.06.2026 15:46 Last: 11.06.2026 15:46 Sources 1

About this happening: CISA’s **Binding Operational Directive 26-04** forces **FCEB agencies** to speed up remediation of high-risk vulnerabilities, with some deadlines as short as **3 days** and new **...

CISA KEV update and FCEB remediation deadline

Public Sector Action
H score33 First: 10.06.2026 17:44 Last: 10.06.2026 17:44 Sources 1

About this happening: **CISA** added **three actively exploited vulnerabilities** to the **KEV catalog** and ordered **Federal Civilian Executive Branch agencies** to remediate by **June 23, 2026**. Th...

Timeline

  1. 25.02.2026 14:00 2 articles · 4mo ago

    CISA issues Emergency Directive 26-03 for Cisco SD-WAN

    Legal Policy Action Update

    CISA issued Emergency Directive 26-03 and supplemental direction for Cisco SD-WAN systems after determining that vulnerabilities in certain Cisco systems and software posed an unacceptable risk to Federal Civilian Executive Branch agencies and federal networks. The directive requires federal agencies to inventory in-scope systems, collect virtual snapshots and logs, patch CVE-2026-20127 and CVE-2022-20775, hunt for evidence of compromise, and follow Cisco’s Catalyst SD-WAN Hardening Guide.

    Show sources