"CVE-2026-20128 is an information disclosure vulnerability in the data collection agent (DCA) feature of Cisco Catalyst SD-WAN Manager that allows unauthenticated, remote attackers to gain DCA user privileges on an affected system."
"CVE-2026-20122 is an arbitrary file overwrite flaw that could let an authenticated remote attacker with valid read-only API credentials upload a malicious file, overwrite arbitrary local files, and gain vManage user privileges."
"In March 2026, the Cisco PSIRT became aware of active exploitation of the vulnerabilities that are described in CVE-2026-20128 and CVE-2026-20122 only."
CISA has identified three vulnerabilities in Cisco Catalyst SD-WAN Manager that are currently under attack. Federal agencies have been given a four-day deadline to patch these security holes. The vulnerabilities include information disclosure flaws that allow unauthorized access to user privileges and sensitive information, as well as an arbitrary file overwrite flaw. Cisco has previously patched these issues and reported active exploitation of two of them. The third vulnerability is not currently listed as being exploited.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]