Cisco Discovers SD-WAN Manager Vulnerability That Could Lead to Admin Privilege Escalation - Wedoany

Homepage News Details

Cisco Discovers SD-WAN Manager Vulnerability That Could Lead to Admin Privilege Escalation

2026-06-06 11:28

Favorite

en.Wedoany.com Reported - Cisco has discovered a vulnerability in Catalyst SD-WAN Manager that could allow an attacker to execute commands with full administrator privileges.

Cisco logo

Identified as CVE-2026-20245, this vulnerability affects all deployment types of Catalyst SD-WAN Manager, including on-premises, cloud-hosted, Cisco-managed, and FedRAMP government versions. The flaw stems from insufficient validation of user-supplied input in the product's command-line interface (CLI). An authenticated attacker with netadmin privileges could exploit this weakness by uploading a specially crafted file, triggering command injection and elevating their access to root-level system control.

Although the authentication requirement raises the attack bar, this vulnerability can be exploited in conjunction with two other vulnerabilities. Cisco has acknowledged limited exploitation in the wild, with at least some incidents resulting in unauthorized configuration changes being pushed to edge devices in affected deployments. No patch is currently available, and Cisco states there are no workarounds, planning to fix the issue in a future release without providing a specific timeline.

Cisco recommends that customers check for indicators of compromise by auditing the scripts.log file in the /var/log/ directory, and run the request admin-tech command from each SD-WAN control component before applying any updates to preserve log evidence and help determine if a compromise has occurred.

This Catalyst SD-WAN Manager vulnerability can be chained with two separate vulnerabilities—CVE-2026-20182 and CVE-2026-20127. Both allow remote unauthenticated attackers to gain administrator privileges by sending specially crafted requests that bypass authentication and login controls. Cisco's Talos security research team has linked these two vulnerabilities to UAT-8616, a highly sophisticated threat actor organization with evidence of malicious activity dating back to 2023.

This article is compiled by Wedoany. All AI citations must indicate the source as "Wedoany". If there is any infringement or other issues, please notify us promptly, and we will modify or delete it accordingly. Email: news@wedoany.com

Information and Communication Communication Equipment Manufacturing Engineering Communication Network Engineering

Previous：New York City Expands AI Traffic Sensor Network to 100 Locations

Next：Australian Firmus and SUBCO Plan to Build Over 60 Tbps Submarine Cable by Q2 2027

SIS Safety Instrumentation Solution

Beijing Consen Automation Technology Co., Ltd.

Fully Domestic Industrial Switch

Shenzhen Yuhang Communication Technology Co., Ltd.

Single-mode Fiber G.652B

SHENZHEN SDG INFORMATION CO., LTD.

Hangzhou GOLONG Technology Co., Ltd.

Wireless LAN | AirEngine 5776-56T Access Point

Office Data Leakage Prevention Solution

Sangfor Technologies Inc.

Intelligent Manufacturing

DONGFANG ELECTRIC CORPORATION

Negotiable /Set

Bolande Application Server Software V9.5

Beijing Baolande Software Corporation

MUX Series Communication Interface Device for Security and Stability Control System

Nanjing NR Electric Co., Ltd.

QPS-20A Redundant Power Fast Switcher

CHN ENERGY ZHISHEN CONTROL TECHNOLOGY CO., LTD.

Flat Portable Satellite Terminal 0.35m Aperture Manual Portable Terminal

China Starwin Science & Technology Co., Ltd.

Negotiable /Unit

Multi-function Marine Monitoring Low-altitude Detection Radar Sea-air Boundary Ocean Dynamic Environment Measurement

Chengdu Dixin Technology Co., Ltd.

Related Recommendations

Spanish Granite Cluster Launches SmartGranito Market Intelligence Platform

Mira Murati, founder of US-based Thinking Machines Lab, says interactive model will be launched

Microsoft VS Code 1.123 Expands Context Window to One Million Tokens

US Coupa and MIT Predict 2026 Economic Trends Based on $10 Trillion in Data

Classiq and Pontificia Universidad Católica de Chile Form Latin America's First Computational Pathology Alliance

BYK-Gardner USA Launches Automatic Color Matching System

Swiss SEALSQ Acquires Miraex to Advance Quantum Satellite Networks

Brazil's Padtec Acquires 85% Stake in LEV Brazil, Returns to Submarine Cable Market

U.S. Government Considers Taking Stakes in AI Companies Like OpenAI

AWS Launches BYOM Service to Solve SQL Server Cloud Migration Licensing Issues

Lastest Bulletin

Canada's Abitibi Announces 25.3 Million Tonne Resource at B26 Mine

Spanish Granite Cluster Launches SmartGranito Market Intelligence Platform

K92 Hits Mineralization in All 33 Holes at Arakompa, Papua New Guinea, Paving Way for First Resource Estimate

Dryden in Canada Hits Near-Surface 29.55 g/t Gold, 2026 Drilling Expanded to 45,000 Meters

Chile's El Teniente Mine Receives Copper Mark and Molybdenum Mark Certification

São Paulo State, Brazil, Plans to Release Mining Plan Through 2050 in 2027

Brazil's Minas Gerais state iron ore sales in May fell 21.9% year-on-year

Purecore Metals Listed on the Frankfurt Stock Exchange in Germany

Phase I Exploration Completed at Los Reyes Copper-Gold Project in Mexico

Norsemont hits 20m at 1.20 g/t gold equivalent in Chile