Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access

Source: The Hacker News

A newly disclosed maximum‑severity security flaw in Cisco Catalyst SD‑WAN Controller (formerly vSmart) and Catalyst SD‑WAN Manager (formerly vManage) has come under active exploitation in the wild as part of malicious activity that dates back to 2023.

The vulnerability, tracked as CVE‑2026‑20127 (CVSS score: 10.0), allows an unauthenticated remote attacker to bypass authentication and obtain