
"In March 2026, the Cisco PSIRT became aware of active exploitation of the vulnerabilities that are described in CVE-2026-20128 and CVE-2026-20122 only. Cisco strongly recommends that customers upgrade to a fixed software release to remediate these vulnerabilities."
"One of the bugs, CVE-2026-20122, carries a CVSS score of 7.1 and allows an authenticated remote attacker to overwrite arbitrary files on the local filesystem. The second issue, CVE-2026-20128, is a lower-rated information disclosure flaw with a CVSS score of 5.5 that could allow an authenticated local attacker to gain Data Collection Agent (DCA) user privileges on an affected system."
"The warning comes barely a week after governments from the Five Eyes intelligence alliance warned that attackers were actively targeting Cisco's Catalyst SD-WAN infrastructure using two different vulnerabilities. One is CVE-2022-20775, a path traversal flaw affecting the SD-WAN command-line interface that can lead to privilege escalation, and the other is CVE-2026-20127, a maximum-severity authentication issue affecting the Catalyst SD-WAN Controller and Manager platforms."
Cisco has confirmed that attackers are actively exploiting two vulnerabilities in Catalyst SD-WAN Manager, the central management platform for many organizations' SD-WAN deployments. CVE-2026-20122, rated 7.1 on the CVSS scale, allows authenticated remote attackers to overwrite arbitrary files on the local filesystem. CVE-2026-20128, rated 5.5, permits authenticated local attackers to gain Data Collection Agent user privileges. Cisco became aware of active exploitation in March 2026 but provided minimal details about attack methods or threat actors. The company recommends immediate upgrades to fixed software releases. This warning follows a recent Five Eyes alert about attacks targeting Cisco's Catalyst SD-WAN infrastructure using different vulnerabilities.
#cisco-sd-wan-vulnerabilities #active-exploitation #catalyst-sd-wan-manager #privilege-escalation #cybersecurity-patching
Read at The Register