Cisco SD-WAN make-me-root bug under attack

Cisco fixed a Catalyst SD-WAN Manager bug, CVE-2026-20262, exploited as a zero-day to gain root privileges. The flaw allows file overwrite via crafted HTTP requests. Attackers need valid low-privilege credentials. CISA added the bug to its exploited catalog, giving federal agencies two weeks to patch.