Cisco Confirms Active Exploitation of Two Catalyst SD-WAN Manager Vulnerabilities
Summary
Cisco has confirmed that two vulnerabilities in its Catalyst SD-WAN Manager are being actively exploited by attackers. One of these is CVE-2026-20122, an arbitrary file overwrite flaw that allows authenticated attackers to overwrite files on the system.
IFF Assessment
FOE
Active exploitation of vulnerabilities in widely used infrastructure management tools like Cisco's Catalyst SD-WAN Manager poses a significant risk to organizations, allowing attackers to compromise critical systems.
Severity
5.4
Medium
Defender Context
Defenders should prioritize patching or mitigating these vulnerabilities in their Cisco Catalyst SD-WAN Manager deployments immediately. Monitoring for signs of exploitation, such as unauthorized file modifications or network access, is crucial.