Multiple critical vulnerabilities in Cisco Catalyst SD-WAN Manager, including CVE-2026-20209, CVE-2026-20210, and CVE-2026-20224, could allow a remote attacker to access sensitive information, elevate privileges, or gain unauthorized application access. Cisco has released software updates to address these vulnerabilities, and there are no available workarounds. The vendor strongly recommends upgrading to the fixed software versions specified in their advisory.
Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow a remote attacker to gain access to sensitive information, elevate privileges, or gain unauthorized access to the application. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. Cisco strongly recommends that customers upgrade to the fixed software indicated in this advisory. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-mltvnps2-JxpWm7R <br/>Security Impact Rating: Critical <br/>CVE: CVE-2026-20209,CVE-2026-20210,CVE-2026-20224