Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks

Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was ...
Network World

Cisco warns of an actively exploited SD-WAN flaw with max severity

The authentication bypass bug (CVE-2026-20182) in Catalyst SD-WAN gives remote attackers admin access, with no workaround ...
Morning Overview on MSN

Cisco’s sixth SD-WAN zero-day of 2026 gives remote attackers admin access through an authentication bypass — CISA confirms active exploitation

A remote attacker with no valid credentials can now seize full administrative control of certain Cisco SD-WAN devices, and ...
The Hacker News

Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access

CVE-2026-20182 bypasses Cisco SD-WAN auth via DTLS port 12346, enabling admin access after May 2026 exploitation.
Dark Reading

Maximum Severity Cisco SD-WAN Bug Exploited in the Wild

This is the second time this year a threat actor has leveraged a CVSS 10.0 vulnerability in Cisco's network control system.
Security Boulevard

Frequently asked questions about the continued exploitation of Cisco Catalyst SD-WAN vulnerabilities (CVE-2026-20182)

Multiple critical authentication bypass vulnerabilities in Cisco Catalyst SD-WAN Controller and Manager are under active exploitation by multiple threat clusters, including CVE-2026-20182, which has ...

Agent authorization is broken — and authentication passing makes it worse

Cisco's top security officer confirms rogue agent incidents are already happening. The failure isn't identity — it's ...

Cisco Webex SSO flaw needs manual certificate update to fix

The cloud-based Webex service has already been patched, but admins must replace an identity provider certificate in Webex Control Hub to complete the fix.