Cisco SD-WAN Zero-Day Exploited in Attacks

Cisco's SD-WAN management software has a high-severity zero-day bug, tracked as CVE-2026-20245, exploited in attacks. The vulnerability affects all versions of the software, regardless of device configuration, and across all deployment types. An attacker must have netadmin privileges on an affected system to exploit the flaw. Cisco recommends customers upgrade to the fixed software released in May 2026 for CVE-2026-20182. The company is not aware of successful exploitation by other methods.