CVE-2026-20262 – Cisco Catalyst SD-WAN

CVSS 6.5 MODERATE Critical or Zero Day – Immediate Deployment

“When management systems can be manipulated, attackers can turn routine administration into a path to root access.”

Cisco patched two vulnerabilities affecting Catalyst SD-WAN components. CVE-2026-20262 has a CVSS score of 6.5, which is Medium severity. CVE-2026-20245 has a CVSS score of 7.8, which is High severity.

CVE-2026-20262 affects Cisco Catalyst SD-WAN Manager and allows an authenticated attacker to create or overwrite arbitrary files through improper validation during file uploads. The vulnerability could be leveraged to elevate privileges and obtain root access. CVE-2026-20245 affects Catalyst SD-WAN Controller, Manager, and Validator components and allows a privileged attacker to execute arbitrary commands as root through a crafted file upload. Successful exploitation can lead to command execution and full control of the affected system.

Active exploitation has been reported for both vulnerabilities. Cisco has observed limited exploitation of CVE-2026-20245 resulting in configuration changes being pushed to edge devices.

Key Details

Affected Product
Cisco Catalyst Sd-wan Manager
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
CWE Classification
CWE-22
Patch this CVE on all your endpoints in under 5 minutes. First 200 endpoints are free forever, scale as needed.