Maximum Severity Cisco SD-WAN Bug Exploited in the Wild

Summary

A CVSS 10.0 vulnerability in Cisco's SD-WAN control system is being actively exploited in the wild, marking the second critical zero-day attack against the platform this year. The flaw allows remote code execution without authentication, making it an attractive target for threat actors. Cisco has not yet disclosed patching timelines or the identity of the attacking groups.

Entities