Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available

Cisco Catalyst SD-WAN Manager is under active exploitation due to CVE-2026-20245, a high-severity authentication bypass that allows local attackers to execute arbitrary commands as root. No patch is available yet. Any organization running affected SD-WAN Manager instances is at immediate risk of full system compromise.

CRITICALAdvisoryJun 06, 2026

Action required

Inventory all Cisco Catalyst SD-WAN Manager deployments immediately. Restrict local access to the management interface, monitor for suspicious file uploads and command injection attempts, and prepare to isolate affected systems if exploitation is detected.

Affected products

CiscoCatalyst SD-WAN ManagerSD-WAN vManageGoogle Mandiant

CVE IDs

CVE-2026-20245 CVE-2026-20182

Linked articles

Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available

Source links

https://thehackernews.com/2026/06/cisco-catalyst-sd-wan-manager-cve-2026.html