Find notable cyber news and cases, enriched with sources, timelines, and signals.

Cisco Catalyst SD-WAN Manager security patch release (multiple vulnerabilities)

Security Patch Release
First reported
Last updated
Happening score
H score 55
1 unique sources, 1 articles

Summary

Hide ▲

Cisco released fixed software for Catalyst SD-WAN Manager, covering multiple vulnerabilities that affected supported branches and required version-specific remediation. The patch release matters because the product is used for network management and the disclosed flaws included arbitrary file overwrite and information disclosure conditions. Cisco mapped affected branches to fixed builds such as 20.9.8.2, 20.12.6.1, 20.15.4.2, and 20.18.2.1. Customers on earlier than Version 20.91 were told to move to a fixed release and upgrade promptly.

Related Happenings

Cisco Catalyst SD-WAN unauthorized peering and SSH access campaign

Campaign
H score38 First: 25.06.2026 17:15 Last: 25.06.2026 17:15 Sources 1

About this happening: An active **campaign** used **unauthorized peering connections** and **SSH access** to maintain footholds inside a **service provider's Cisco Catalyst SD-WAN** environment, increa...

Cisco security patch release for CVE-2026-20262

Security Patch Release
H score47 First: 15.06.2026 20:12 Last: 15.06.2026 20:12 Sources 1

About this happening: **Cisco** released **security updates** for **CVE-2026-20262** in **Catalyst SD-WAN Manager**, covering multiple release trains after the zero-day was exploited to reach **root pr...

Cisco Secure Workload REST API patch release (CVE-2026-20223)

Security Patch Release
H score55 First: 22.05.2026 08:36 Last: 22.05.2026 08:36 Sources 1

About this happening: Cisco patched **CVE-2026-20223**, a **CVSS 10.0** Secure Workload REST API flaw that could expose sensitive data and allow configuration changes across tenant boundaries. The upda...

Cisco security patch release for CVE-2026-20182

Security Patch Release
H score60 First: 14.05.2026 20:45 Last: 14.05.2026 20:45 Sources 1

About this happening: Cisco released **updates** for **CVE-2026-20182**, a **maximum-severity authentication bypass** in **Catalyst SD-WAN Controller/Manager**, after the flaw was **exploited in limite...

SAP security patch release for CVE-2019-17571

Security Patch Release
H score42 First: 11.03.2026 14:26 Last: 11.03.2026 14:26 Sources 1

About this happening: **SAP** released security updates for **two critical flaws** in **FS-QUO** and **NetWeaver Enterprise Portal Administration**, reducing the risk of **arbitrary code execution** on...

Timeline

  1. 05.03.2026 17:22 2 articles · 4mo ago

    Cisco discloses active exploitation of Catalyst SD-WAN Manager flaws

    Initial Disclosure

    Cisco disclosed that Catalyst SD-WAN Manager, formerly SD-WAN vManage, has two flaws under active exploitation in the wild: CVE-2026-20122, an arbitrary file overwrite issue requiring valid read-only API credentials, and CVE-2026-20128, an information disclosure issue requiring valid vManage credentials and affecting Data Collection Agent (DCA) user privileges. Cisco said the Cisco PSIRT became aware of active exploitation in March 2026, noted that fixed software releases had been issued for affected branches late last month, and urged customers to update, restrict exposure, disable unnecessary services, change the default administrator password, and monitor logs.

    Show sources