Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Browse News Feed Stats Watchlists Beta About Contact

Cisco security patch release for CVE-2026-20127

Security Patch Release
First reported
Last updated
Happening score
H score 52
1 unique sources, 1 articles

Summary

Hide ▲

Cisco released a fix for CVE-2026-20127, a critical SD-WAN zero-day that can let a remote unauthenticated attacker gain administrative access. The patch covers Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager, and agencies in the UK, US, Canada, Australia and New Zealand urged customers to patch immediately because the flaw has been exploited since 2023. Successful exploitation can expose NETCONF and allow attackers to manipulate SD-WAN network configuration, while CISA ordered federal agencies to remediate by February 27, 2026.

Related Happenings

Cisco ThousandEyes and Nexus security patches

Security Patch Release
First: 21.05.2026 15:04 Last: 21.05.2026 15:04 Sources 1

About this happening: Cisco released patches for **three medium-severity vulnerabilities** affecting **ThousandEyes Virtual Appliance**, **ThousandEyes Enterprise Agent**, and **Nexus 3000/9000 switche...

Open Happening

CISA KEV remediation order for Cisco Catalyst SD-WAN Controller CVE-2026-20182

Public Sector Action
First: 15.05.2026 08:28 Last: 15.05.2026 08:28 Sources 1

About this happening: **CISA** added **CVE-2026-20182** to the **KEV catalog** and ordered **Federal Civilian Executive Branch agencies** to remediate **Cisco Catalyst SD-WAN Controller** by **May 17,...

Open Happening

Cisco security patch release for CVE-2026-20182

Security Patch Release
First: 14.05.2026 20:45 Last: 14.05.2026 20:45 Sources 1

About this happening: Cisco released **updates** for **CVE-2026-20182**, a **maximum-severity authentication bypass** in **Catalyst SD-WAN Controller/Manager**, after the flaw was **exploited in limite...

Open Happening

Cisco security patch release for CVE-2026-20188

Security Patch Release
First: 06.05.2026 21:06 Last: 06.05.2026 21:06 Sources 1

About this happening: **Cisco** released security updates for **CVE-2026-20188**, a high-severity **DoS vulnerability** in **Crosswork Network Controller (CNC)** and **Network Services Orchestrator (NS...

Open Happening

PAN-OS User-ID Authentication Portal mitigation guidance (CVE-2026-0300)

Advisory/Mitigation
First: 06.05.2026 09:14 Last: 06.05.2026 09:14 Sources 1

About this happening: Palo Alto Networks issued **mitigation guidance** for **CVE-2026-0300** after the **PAN-OS User-ID Authentication Portal** flaw was reported **exploited in the wild**, leaving pub...

Open Happening

Timeline

  1. 26.02.2026 11:30 2 articles · 3mo ago

    Cisco releases fix for CVE-2026-20127

    Mitigation Patch Update

    Cisco released a fix for CVE-2026-20127 in Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager, and customers were urged to patch both the new zero-day and the legacy CVE-2022-20775.

    Show sources
    Open in new tab
  2. 26.02.2026 11:30 1 articles · 3mo ago

    Global agencies warn on Cisco SD-WAN zero-day

    Initial Disclosure

    Government security agencies in the UK, US, Canada, Australia and New Zealand urged Cisco customers to take immediate action against a critical zero-day in Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager that had been exploited since 2023, while CISA issued an emergency directive requiring federal agencies to find and patch CVE-2026-20127 and CVE-2022-20775 by 5pm ET on February 27, 2026.

    Show sources
    Open in new tab