[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"focus:cisco-warns-of-unpatched-sd-wan-zero-day-exploited-in-attacks-mq2fdszh":3},{"item":4},{"id":5,"title":6,"slug":7,"summary":8,"severity":9,"category":10,"cve_ids":11,"affected_products":13,"action_required":19,"article_ids":20,"ioc_summary":22,"source_urls":23,"status":25,"expires_at":26,"created_at":27,"updated_at":28,"articles":29},"c8fb34fb-2408-40ec-afb0-1493b22aea61","Cisco warns of unpatched SD-WAN zero-day exploited in attacks","cisco-warns-of-unpatched-sd-wan-zero-day-exploited-in-attacks-mq2fdszh","Cisco Catalyst SD-WAN Manager has an unpatched zero-day (CVE-2026-20245) being actively exploited to gain root access. Local attackers with netadmin privileges can bypass input validation and execute arbitrary commands, leading to unauthorized configuration changes on edge devices. Any organization running vulnerable SD-WAN Manager instances is at immediate risk.","critical","advisory",[12],"CVE-2026-20245",[14,15,16,17,18],"Cisco","Cisco Catalyst SD-WAN Manager","Cisco SD-WAN Cloud-Pro","Cisco SD-WAN for Government","Google Cloud (Mandiant)","Immediately inventory all Cisco Catalyst SD-WAN Manager instances in your environment. Cross-reference against provided IOCs for signs of exploitation. If you cannot patch, isolate affected managers from production networks and restrict netadmin access until a fix is available.",[21],"483f56c6-8786-4b84-9421-db6ff10ba31a",null,[24],"https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fnew-cisco-sd-wan-flaw-exploited-in-zero-day-attacks-to-gain-root\u002F","archived","2026-06-08T14:05:11.09+00:00","2026-06-06T14:05:21.59463+00:00","2026-06-08T14:06:49.547598+00:00",[30],{"id":21,"title":6,"url":24}]