Find notable cyber news and cases, enriched with sources, timelines, and signals.

Cisco Catalyst SD-WAN Manager information disclosure vulnerability (CVE-2026-20133)

Vulnerability
First reported
Last updated
Happening score (H score): 27
1 unique source, 1 article

Summary

CISA moved CVE-2026-20133 in Cisco Catalyst SD-WAN Manager into its KEV Catalog, signaling active exploitation against unpatched devices and forcing FCEB agencies to patch by April 24. Cisco had already patched the information disclosure flaw in late February, warning that unauthenticated remote attackers could use the affected API to read sensitive information. The issue matters because the product centrally manages up to 6,000 SD-WAN devices, so a single exposed manager can affect large networks.

Related Happenings

CISA KEV remediation order for Cisco Catalyst SD-WAN Controller CVE-2026-20182

Public Sector Action
First: 15.05.2026 08:28 Last: 15.05.2026 08:28 Sources 1

About this happening: **CISA** added **CVE-2026-20182** to the **KEV catalog** and ordered **Federal Civilian Executive Branch agencies** to remediate **Cisco Catalyst SD-WAN Controller** by **May 17,...

Cisco Catalyst SD-WAN authentication bypass flaw actively exploited (CVE-2026-20182)

Vulnerability
First: 14.05.2026 23:09 Last: 14.05.2026 23:09 Sources 1

About this happening: **CVE-2026-20182** is an actively exploited **authentication bypass** in **Cisco Catalyst SD-WAN Controller** and **Cisco Catalyst SD-WAN Manager**, creating a path to **administr...

Latest development: 14.05.2026 23:25

Cisco released a patch for CVE-2026-20182, giving organizations using Cisco Catalyst SD-WAN Controllers a way to block the authentication bypass before UAT-8616 can continue using it for administrative access, SSH key insertion, NETCONF changes, and root escalation.

CISA-led zero-trust guide for OT environments

Public Sector Action
First: 30.04.2026 17:00 Last: 30.04.2026 17:00 Sources 1

About this happening: US government agencies led by **CISA** released **Adapting Zero Trust Principles to Operational Technology**, giving **OT operators** a framework to improve **critical infrastruct...

CISA joint Zero Trust OT guide

Public Sector Action
First: 29.04.2026 15:00 Last: 29.04.2026 15:00 Sources 1

About this happening: CISA and U.S. partners **published** a joint guide to help **OT owners and operators** apply **Zero Trust** to **operational technology environments**, giving government and infra...

CISA KEV directive for CVE-2026-20133

Public Sector Action
First: 21.04.2026 15:30 Last: 21.04.2026 15:30 Sources 1

How related: On Monday, CISA added CVE-2026-20133 to its Known Exploited Vulnerabilities (KEV) Catalog, "based on evidence of active exploitation," and ordered Federal Civilian Executive Branch (FCEB) agencies to secure their networks by Friday, April 24.

About this happening: On **Monday, April 21, 2026**, **CISA** added **CVE-2026-20133** to the **KEV Catalog** and ordered **FCEB agencies** to secure their networks by **Friday, April 24**. The directi...

Timeline

  1. 21.04.2026 15:30 2 articles · 1mo ago

    Cisco Catalyst SD-WAN Manager information disclosure vulnerability (CVE-2026-20133)

    Initial Disclosure

    Cisco patched **CVE-2026-20133** in **late February** after identifying an **information disclosure** flaw in **Catalyst SD-WAN Manager**. CISA later flagged the issue as **actively exploited** and gave federal agencies four days to secure affected systems.
