Cisco has patched CVE-2026-20182, a critical (CVSS 10.0) authentication bypass vulnerability in the Catalyst SD-WAN Controller and Manager stemming from a flawed peering authentication mechanism. The vulnerability affects Cisco Catalyst SD-WAN Manager versions prior to 20.9.9.1, versions 20.10.x through 20.12.5.4, versions 20.12.6.x through 20.12.6.2, versions 20.13.x through 20.15.4.4, and versions 20.15.5.x through 20.15.5.2. Cisco has released fixed versions including 20.9.9.1, 20.12.5.4, 20.12.6.2, 20.15.4.4, 20.15.5.2, 20.18.2.2, and 26.1.1.1.
Cisco has patched yet another Catalyst SD-WAN Controller authentication bypass vulnerability (CVE-2026-20182) that has been exploited as a zero-day by “a highly sophisticated cyber threat actor”.

About CVE-2026-20182

CVE-2026-20182 – affecting both Cisco Catalyst SD-WAN Controller (the “brain” of the Cisco Catalyst SD-WAN solution) and Cisco Catalyst SD-WAN Manager (the management plane for the entire SD-WAN fabric) – stems from a flawed peering authentication mechanism. It affects both on-prem and cloud deployments. CVE-2026-20182 was reported …

The post Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182) appeared first on Help Net Security.