Authentication Bypass in Cisco Catalyst SD-WAN Controller and Manager
CVE-2026-20182

10 CRITICAL

Key Information:

Vendor: Cisco

CVE Published: 14 May 2026

Badges

📈 Trended | 📈 Score: 2,590 | 💰 Ransomware | 👾 Exploit Exists | 🟡 Public PoC | 🟣 EPSS 83% | 🦅 CISA Reported | 📰 News Worthy

What is CVE-2026-20182?

CVE-2026-20182 is a significant vulnerability in the Cisco Catalyst SD-WAN Controller and Manager, the systems used to manage and control software-defined wide area networks (SD-WAN). It arises from a flaw in the peering authentication mechanism, which is meant to ensure that only authorized entities can communicate with and manage the SD-WAN infrastructure. An unauthenticated remote attacker can exploit the flaw to bypass authentication and gain unauthorized administrative access: by sending crafted requests, the attacker can log in to the affected SD-WAN Controller with high-level privileges, manipulate critical network configurations, and potentially compromise the entire SD-WAN fabric. For an organization, this threatens operational integrity, network security and the flow of data across the network, and exposes it to further attacks.

Potential impact of CVE-2026-20182

  1. Unauthorized Access: The vulnerability allows attackers to bypass authentication, gaining unauthorized administrative privileges. This access can facilitate further intrusion into the network, enabling them to execute malicious commands and alter configurations with minimal detection.

  2. Network Configuration Manipulation: With administrative access, attackers can manipulate network configurations within the SD-WAN environment. This could lead to misrouting of traffic, interception of sensitive information, or even the complete shutdown of network services, effectively disrupting organizational operations.

  3. Increased Risk of Data Breaches: The ability to control network configurations increases the vulnerability to data breaches. Attackers may redirect sensitive data through malicious servers or expose internal systems to other vulnerabilities, heightening the risk for organizations reliant on Cisco Catalyst SD-WAN technology.

CISA has reported CVE-2026-20182

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitors the most dangerous vulnerabilities and has identified CVE-2026-20182 as being exploited, but it is not known by CISA to be used in ransomware campaigns. This may change quickly, as recent news articles suggest the vulnerability is being used by ransomware groups.

The CISA's recommendation is: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlined in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.

Affected Version(s)

Cisco Catalyst SD-WAN Manager 20.1.12

Cisco Catalyst SD-WAN Manager 19.2.1

Cisco Catalyst SD-WAN Manager 18.4.4

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

News Articles

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits

Ravie Lakshmanan | May 15, 2026 | Vulnerability / Credential Theft

4 weeks ago

EPSS Score

83% chance of being exploited in the next 30 days.

CVSS V3.1

Score: 10
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed

Timeline

  • 🟡 Public PoC available

  • 📈 Vulnerability started trending

  • 💰 Used in Ransomware

  • 👾 Exploit known to exist

  • 🦅 CISA Reported

  • 📰 First article discovered by The Hacker News

  • Vulnerability published

  • Vulnerability Reserved
