CISA has added CVE-2026-20133 (CVSS 6.5) to its Known Exploited Vulnerabilities catalog, indicating it is being actively leveraged in attacks alongside two other previously confirmed Cisco Catalyst SD-WAN Manager flaws, CVE-2026-20128 and CVE-2026-20122. Affected versions are Cisco Catalyst SD-WAN Manager prior to 20.9.8.2, versions 20.11.x before 20.12.5.3, versions 20.13.x before 20.15.4.2, versions 20.16.x before 20.18.2.1, and specifically version 20.12.6. The fixed versions are 20.9.8.2, 20.12.5.3, 20.15.4.2, and 20.18.2.1.
CISA added eight new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, including a Cisco Catalyst SD-WAN Manager vulnerability (CVE-2026-20133) that Cisco has yet to flag as exploited. Three Cisco Catalyst SD-WAN Manager vulnerabilities Alongside CVE-2026-20133, CISA has also listed CVE-2026-20128 and CVE-2026-20122 – two other Catalyst SD-WAN Manager vulnerabilities – as being leveraged in attacks. The latter two flaws have been confirmed as actively exploited by Cisco in early March 2026. In March, VulnCheck’s … More → The post CISA flags another Cisco Catalyst SD-WAN Manager bug as exploited (CVE-2026-20133) appeared first on Help Net Security .