Find notable cyber news and cases, enriched with sources, timelines, and signals.

Cisco security patch release for CVE-2026-20127

Security Patch Release
First reported
Last updated
Happening score
H score 56
1 unique sources, 1 articles

Summary

Hide ▲

Cisco released a fix for CVE-2026-20127, a critical SD-WAN zero-day that can let a remote unauthenticated attacker gain administrative access. The patch covers Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager, and agencies in the UK, US, Canada, Australia and New Zealand urged customers to patch immediately because the flaw has been exploited since 2023. Successful exploitation can expose NETCONF and allow attackers to manipulate SD-WAN network configuration, while CISA ordered federal agencies to remediate by February 27, 2026.

Related Happenings

CISA sets June 28 patch deadline for Cisco Unified Communications Manager Server

Public Sector Action
H score35 First: 26.06.2026 22:43 Last: 26.06.2026 22:43 Sources 1

About this happening: CISA ordered **federal agencies** to patch **CVE-2026-20230** in **Cisco Unified Communications Manager Server** by **June 28**, tightening exposure around an **actively exploited...

Cisco Catalyst SD-WAN unauthorized peering and SSH access campaign

Campaign
H score38 First: 25.06.2026 17:15 Last: 25.06.2026 17:15 Sources 1

About this happening: An active **campaign** used **unauthorized peering connections** and **SSH access** to maintain footholds inside a **service provider's Cisco Catalyst SD-WAN** environment, increa...

Cisco security patch release for CVE-2026-20245

Security Patch Release
H score38 First: 25.06.2026 00:29 Last: 25.06.2026 00:29 Sources 1

About this happening: Cisco released **security updates** for **Cisco Catalyst SD-WAN** after **CVE-2026-20245** was linked to root-level command execution, and customers were told to move to fixed sof...

CISA adds CVE-2026-20262 to KEV and orders federal fixes

Public Sector Action
H score32 First: 16.06.2026 09:05 Last: 16.06.2026 09:05 Sources 1

About this happening: **CISA** added **CVE-2026-20262** to its **Known Exploited Vulnerabilities (KEV) catalog** and required **Federal Civilian Executive Branch (FCEB)** agencies to apply Cisco's fixe...

PAN-OS GlobalProtect CVE-2026-0257 exploitation wave

Exploitation Wave
H score18 First: 01.06.2026 11:30 Last: 01.06.2026 11:30 Sources 1

About this happening: A **CVE-2026-0257** exploitation wave is hitting **Palo Alto Networks PAN-OS GlobalProtect** appliances, creating **unauthorized VPN access** risk for **multiple customers**. **Ra...

Timeline

  1. 26.02.2026 11:30 2 articles · 4mo ago

    Cisco releases fix for CVE-2026-20127

    Mitigation Patch Update

    Cisco released a fix for CVE-2026-20127 in Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager, and customers were urged to patch both the new zero-day and the legacy CVE-2022-20775.

    Show sources
  2. 26.02.2026 11:30 1 articles · 4mo ago

    Global agencies warn on Cisco SD-WAN zero-day

    Initial Disclosure

    Government security agencies in the UK, US, Canada, Australia and New Zealand urged Cisco customers to take immediate action against a critical zero-day in Cisco Catalyst SD-WAN Controller and Cisco Catalyst SD-WAN Manager that had been exploited since 2023, while CISA issued an emergency directive requiring federal agencies to find and patch CVE-2026-20127 and CVE-2022-20775 by 5pm ET on February 27, 2026.

    Show sources