Cisco security patch release for CVE-2026-20127
Security Patch Release
Summary
Hide ▲
Show ▼
Cisco released a fix for CVE-2026-20127, a critical SD-WAN zero-day that can let a remote unauthenticated attacker gain administrative access. The patch covers Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager, and agencies in the UK, US, Canada, Australia and New Zealand urged customers to patch immediately because the flaw has been exploited since 2023. Successful exploitation can expose NETCONF and allow attackers to manipulate SD-WAN network configuration, while CISA ordered federal agencies to remediate by February 27, 2026.
Related Happenings
CISA sets June 28 patch deadline for Cisco Unified Communications Manager Server
Public Sector Action
H score35
First: 26.06.2026 22:43
Last: 26.06.2026 22:43
Sources 1
About this happening:
CISA ordered **federal agencies** to patch **CVE-2026-20230** in **Cisco Unified Communications Manager Server** by **June 28**, tightening exposure around an **actively exploited...
CISA sets June 28 patch deadline for Cisco Unified Communications Manager Server
Public Sector ActionAbout this happening: CISA ordered **federal agencies** to patch **CVE-2026-20230** in **Cisco Unified Communications Manager Server** by **June 28**, tightening exposure around an **actively exploited...
Cisco Catalyst SD-WAN unauthorized peering and SSH access campaign
Campaign
H score38
First: 25.06.2026 17:15
Last: 25.06.2026 17:15
Sources 1
About this happening:
An active **campaign** used **unauthorized peering connections** and **SSH access** to maintain footholds inside a **service provider's Cisco Catalyst SD-WAN** environment, increa...
Cisco Catalyst SD-WAN unauthorized peering and SSH access campaign
CampaignAbout this happening: An active **campaign** used **unauthorized peering connections** and **SSH access** to maintain footholds inside a **service provider's Cisco Catalyst SD-WAN** environment, increa...
Cisco security patch release for CVE-2026-20245
Security Patch Release
H score38
First: 25.06.2026 00:29
Last: 25.06.2026 00:29
Sources 1
About this happening:
Cisco released **security updates** for **Cisco Catalyst SD-WAN** after **CVE-2026-20245** was linked to root-level command execution, and customers were told to move to fixed sof...
Cisco security patch release for CVE-2026-20245
Security Patch ReleaseAbout this happening: Cisco released **security updates** for **Cisco Catalyst SD-WAN** after **CVE-2026-20245** was linked to root-level command execution, and customers were told to move to fixed sof...
CISA adds CVE-2026-20262 to KEV and orders federal fixes
Public Sector Action
H score32
First: 16.06.2026 09:05
Last: 16.06.2026 09:05
Sources 1
About this happening:
**CISA** added **CVE-2026-20262** to its **Known Exploited Vulnerabilities (KEV) catalog** and required **Federal Civilian Executive Branch (FCEB)** agencies to apply Cisco's fixe...
CISA adds CVE-2026-20262 to KEV and orders federal fixes
Public Sector ActionAbout this happening: **CISA** added **CVE-2026-20262** to its **Known Exploited Vulnerabilities (KEV) catalog** and required **Federal Civilian Executive Branch (FCEB)** agencies to apply Cisco's fixe...
PAN-OS GlobalProtect CVE-2026-0257 exploitation wave
Exploitation Wave
H score18
First: 01.06.2026 11:30
Last: 01.06.2026 11:30
Sources 1
About this happening:
A **CVE-2026-0257** exploitation wave is hitting **Palo Alto Networks PAN-OS GlobalProtect** appliances, creating **unauthorized VPN access** risk for **multiple customers**. **Ra...
PAN-OS GlobalProtect CVE-2026-0257 exploitation wave
Exploitation WaveAbout this happening: A **CVE-2026-0257** exploitation wave is hitting **Palo Alto Networks PAN-OS GlobalProtect** appliances, creating **unauthorized VPN access** risk for **multiple customers**. **Ra...
Timeline
-
26.02.2026 11:30 2 articles · 4mo ago
Cisco releases fix for CVE-2026-20127
Mitigation Patch UpdateCisco released a fix for CVE-2026-20127 in Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager, and customers were urged to patch both the new zero-day and the legacy CVE-2022-20775.
Show sources
- Global Cyber Agencies Urge Immediate Patching of Cisco SD-WAN Zero Day — www.infosecurity-magazine.com — 26.02.2026 11:30
- Global Cyber Agencies Urge Immediate Patching of Cisco SD-WAN Zero Day — www.infosecurity-magazine.com — 26.02.2026 11:30
-
26.02.2026 11:30 1 articles · 4mo ago
Global agencies warn on Cisco SD-WAN zero-day
Initial DisclosureGovernment security agencies in the UK, US, Canada, Australia and New Zealand urged Cisco customers to take immediate action against a critical zero-day in Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager that had been exploited since 2023, while CISA issued an emergency directive requiring federal agencies to find and patch CVE-2026-20127 and CVE-2022-20775 by 5pm ET on February 27, 2026.
Show sources
- Global Cyber Agencies Urge Immediate Patching of Cisco SD-WAN Zero Day — www.infosecurity-magazine.com — 26.02.2026 11:30