Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks

Cisco fixed CVE-2026-20262, a zero-day in Catalyst SD-WAN Manager exploited to gain root privileges. The flaw stems from insufficient input validation during file uploads, allowing low-privilege remote attackers to execute arbitrary commands via crafted HTTP requests. Cisco shared indicators of compromise and urged patching.