CVE-2026-20245 Exploited In Cisco Catalyst SD-WAN Manager
4 Articles
4 Articles
Mandiant has published new research results detailing how a threat player has exploited a now patched zero-day security vulnerability in Cisco Catalyst SD WAN (CVE-2026-20245) in a communications service provider to extend the rights of a compromised administrator account to full root access. As these devices control traffic within the network, an attacker with root rights could potentially comprehensive and unnoticed insights into the internal …
CVE-2026-20245 Exploited In Cisco Catalyst SD-WAN Manager
A newly disclosed zero-day vulnerability, CVE-2026-20245, has been exploited by a threat actor targeting Cisco Catalyst SD-WAN Manager. By exploiting a flaw in the platform's file to upload functionality, the threat actor escalated privileges from a compromised administrative account to root access and used extensive anti-forensic measures to erase evidence of the attack. Threat Actor Abused Cisco Catalyst SD-WAN Manager to Gain Root Access Ma…
CVE-2026-20245: The Cisco SD-WAN Zero-Day Nobody Caught
On June 25, 2026, new details emerged about the active exploitation of CVE-2026-20245, a command injection flaw in Cisco Catalyst SD-WAN Manager that was used as a zero-day at least two months before Cisco publicly disclosed it. According to The Hacker News, the attacker gained root access on a service provider’s SD-WAN management infrastructure, created […] The post CVE-2026-20245: 5 things to know about the Cisco SD-WAN zero-day nobody caught …
Cisco SD-WAN Manager Zero-Day Turns the Network's Control Plane Into the Target
The single dashboard that makes SD-WAN easy to run has become the thing attackers most want to own. Google’s Mandiant team has published a detailed account of one such intrusion. A threat actor exploited a zero-day in Cisco Catalyst SD-WAN Manager, tracked as CVE-2026-20245. The flaw let it escalate from a compromised admin account to full root access, then reach into the devices the controller manages. The flaw sits in the command-line interfac…
Coverage Details
Bias Distribution
- There is no tracked Bias information for the sources covering this story.
Factuality
To view factuality data please Upgrade to Premium




