Cisco Catalyst SD-WAN Controller Authenticated Privilege Escalation Vulnerability
CVE-2026-20245
Key Information:
- Vendor
Cisco
- Vendor
- CVE Published:
- 4 June 2026
Badges
What is CVE-2026-20245?
false
Affected Version(s)
Cisco Catalyst SD-WAN Manager 20.1.12
Cisco Catalyst SD-WAN Manager 19.2.1
Cisco Catalyst SD-WAN Manager 18.4.4
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
News Articles
The Hacker NewsCVE-2026-20245Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available
Cisco Catalyst SD-WAN Manager vulnerability CVE-2026-20245 is under active exploitation and has a CVSS score of 7.8.
23 hours ago
It Security NewsCVE-2026-20245Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245) - IT Security News
A 0-day privilege escalation vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager that has yet to be patched by Cisco is being leveraged by attackers. “To exploit this vulnerability, an attacker must have netadmin privileges on an affected system. This would…Read more →
2 days ago
Help Net SecurityCVE-2026-20245Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245) - Help Net Security
A 0-day privilege escalation vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager is being leveraged by attackers.
2 days ago
References
CVSS V3.1
Timeline
- 🟡
Public PoC available
- 📰
First article discovered by Securityweek
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved