[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"focus:cisco-warns-of-7th-sd-wan-zero-day-exploited-in-2026-mq2fdra5":3},{"item":4},{"id":5,"title":6,"slug":7,"summary":8,"severity":9,"category":10,"cve_ids":11,"affected_products":13,"action_required":17,"article_ids":18,"ioc_summary":20,"source_urls":21,"status":23,"expires_at":24,"created_at":25,"updated_at":26,"articles":27},"2ccf7e3d-50ea-402d-aecb-d54ee8232fda","Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026","cisco-warns-of-7th-sd-wan-zero-day-exploited-in-2026-mq2fdra5","Cisco released CVE-2026-20245, a root RCE in Catalyst SD-WAN Manager affecting authenticated netadmin users through malicious file uploads. This is the seventh SD-WAN zero-day exploited this year with confirmed cases of attackers modifying edge device configurations. No patches exist yet and workarounds are unavailable.","critical","advisory",[12],"CVE-2026-20245",[14,15,16],"Cisco","Catalyst SD-WAN Manager","Mandiant","Immediately inventory all Catalyst SD-WAN Manager instances and restrict netadmin account access to only necessary personnel. Monitor SD-WAN Manager file upload activity and edge device configuration change logs for anomalies while awaiting patches.",[19],"010d6070-5bd7-49e1-8459-54a04db67183",null,[22],"https:\u002F\u002Fwww.securityweek.com\u002Fcisco-warns-of-7th-sd-wan-zero-day-exploited-in-2026\u002F","archived","2026-06-08T14:05:11.09+00:00","2026-06-06T14:05:19.411225+00:00","2026-06-08T14:06:49.547598+00:00",[28],{"id":19,"title":6,"url":22}]