Privilege Escalation Vulnerability in Cisco Catalyst SD-WAN Manager
CVE-2026-20209

5.4MEDIUM

Key Information:

Vendor: Cisco
Status: Cisco Catalyst Sd-wan Manager
Vendor: CVE Published:; 14 May 2026

Badges

👾 Exploit Exists

What is CVE-2026-20209?

A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager allows authenticated users with read-only permissions to escalate their privileges. This occurs due to sensitive session information being logged in audit records. An attacker could exploit this flaw to gain high-privileged access, potentially allowing them to perform actions normally restricted to legitimate high-privileged users, thereby posing significant risks to network integrity and security.

Affected Version(s)

Cisco Catalyst SD-WAN Manager 20.1.12

Cisco Catalyst SD-WAN Manager 19.2.1

Cisco Catalyst SD-WAN Manager 18.4.4

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:

5.4

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
May 14, 2026
Vulnerability published
May 14, 2026
Vulnerability Reserved
Oct 8, 2025

CVE-2026-20209 Data

JSON