[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"focus:malicious-hackers-exploit-cisco-zero-day-for-highest-access-level-at-communicati-mqskb5kd":3},{"item":4},{"id":5,"title":6,"slug":7,"summary":8,"severity":9,"category":10,"cve_ids":11,"affected_products":12,"action_required":17,"article_ids":18,"ioc_summary":20,"source_urls":21,"status":23,"expires_at":24,"created_at":25,"updated_at":26,"articles":27},"d2dafcfd-9e2a-49a8-bc5d-9ba561c43b08","Malicious hackers exploit Cisco zero-day for highest access level at communications service provider","malicious-hackers-exploit-cisco-zero-day-for-highest-access-level-at-communicati-mqskb5kd","Mandiant discovered attackers exploiting an unpatched Cisco SD-WAN zero-day to achieve root-level access at a communications service provider. This granted them visibility into internal network traffic while evading detection. Communications providers and enterprises running Cisco SD-WAN edge devices are at immediate risk of persistent compromise and lateral movement.","critical","advisory",[],[13,14,15,16],"Cisco Catalyst SD-WAN Manager","Cisco","Mandiant","Google","Immediately inventory all Cisco SD-WAN controllers and edge devices in your environment. Apply the latest Cisco security patch and validate successful deployment within 24 hours. Hunt for suspicious root-level access logs and unusual inter-site traffic patterns in the past 90 days.",[19],"00ac6300-3c34-414e-a4d9-abe7da550c5f",null,[22],"https:\u002F\u002Fcyberscoop.com\u002Fcisco-sd-wan-zero-day-exploit-communications-provider\u002F","active","2026-06-26T21:05:11.337+00:00","2026-06-24T21:05:16.59966+00:00","2026-06-24T21:09:08.91167+00:00",[28],{"id":19,"title":6,"url":22}]