SECURITYTHE HACKER NEWS
Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access
A high-severity security flaw in Cisco Catalyst SD-WAN, tracked as CVE-2026-20245, was exploited by an unknown threat actor as a zero-day for at least two months before public disclosure. Mandiant found the vulnerability allows an authenticated, local attacker to execute arbitrary commands with elevated privileges.
Related Signal
Adjacent reporting
- Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks
- PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure
- LiteSpeed cPanel Plugin CVE-2026-48172 Exploited to Run Scripts as Root
- Fortinet Issues Emergency Patch for FortiClient Zero-Day
- Oracle WebLogic CVE-2024-21182 Added to KEV Catalog After Active Exploitation
- Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available