Known Exploited Vulnerability
7.8
HIGH CVSS 3.1
CVE-2026-20245
Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerability - [Actively Exploited]
Description

A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by uploading a crafted file to the affected system. A successful exploit could allow the attacker to perform command injection attacks on an affected system and elevate their privileges as the root user.  To exploit this vulnerability, the attacker must have netadmin privileges on the affected system. This would require valid credentials or exploitation of or . Cisco is not aware of successful exploitation by other methods. Cisco has observed limited cases where the exploitation of this bug resulted in a configuration change pushed to edge devices. Cisco recommends that customers upgrade to the fixed software that is documented in the that was published on May 14, 2026, and verify the configuration of the edge devices.

INFO

Published Date :

June 4, 2026, 11:17 p.m.

Last Modified :

June 17, 2026, 10:17 a.m.

Remotely Exploit :

No
CISA Notification
CISA KEV (Known Exploited Vulnerabilities)

For the benefit of the cybersecurity community and network defenders—and to help every organization better manage vulnerabilities and keep pace with threat activity—CISA maintains the authoritative source of vulnerabilities that have been exploited in the wild.

Description :

Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerability could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system.

Required Action :

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Known Ransomware Campaign Use:

Unknown

Notes :

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-4uxFrdzx ; https://nvd.nist.gov/vuln/detail/CVE-2026-20245

Affected Products

The following products are affected by CVE-2026-20245 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Cisco catalyst_sd-wan_manager
2 Cisco sd-wan_vsmart_controller
CVSS Scores
The Common Vulnerability Scoring System is a standardized framework for assessing the severity of vulnerabilities in software and systems. We collect and displays CVSS scores from various sources for each CVE.
Score Version Severity Vector Exploitability Score Impact Score Source
CVSS 134c704f-9b21-4f2e-91b3-4a467353bcc0
CVSS 3.1 HIGH [email protected]
Solution
Upgrade software to a fixed version to address command injection vulnerability and verify edge device configuration.
  • Upgrade to the fixed software version.
  • Verify edge device configuration.
  • Apply necessary patches or updates.
  • Restrict access to netadmin privileges.
Public PoC/Exploit Available at Github

CVE-2026-20245 has a 9 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2026-20245.

URL Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-4uxFrdzx Vendor Advisory
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW Vendor Advisory
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20245 US Government Resource
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2026-20245 is associated with the following CWEs:

Common Attack Pattern Enumeration and Classification (CAPEC)

Common Attack Pattern Enumeration and Classification (CAPEC) stores attack patterns, which are descriptions of the common attributes and approaches employed by adversaries to exploit the CVE-2026-20245 weaknesses.

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

Fonte de pesquisa sobre cybersegurança em notebook LM, ao qual foi incluído bases de consulta-lo sobre duvidas sobre cybersegurança, vulnerabilidades e técnicas de ataques.

Updated: 5 days, 17 hours ago
0 stars 0 fork 0 watcher
Born at : July 9, 2026, 4:06 p.m. This repo has been linked 8 different CVEs too.

CVE-2026-20245

Python

Updated: 4 weeks, 1 day ago
4 stars 1 fork 1 watcher
Born at : June 14, 2026, 10:23 a.m. This repo has been linked 1 different CVEs too.

CVE-2026-20245 - Cisco SD-WAN - Draft

Updated: 1 month, 1 week ago
0 stars 0 fork 0 watcher
Born at : June 6, 2026, 4:26 a.m. This repo has been linked 1 different CVEs too.

Personal AI system built in Python cybersecurity, OSINT, sports prediction, darknet scanning, and autonomous reasoning.

Python

Updated: 1 month, 1 week ago
1 stars 0 fork 0 watcher
Born at : May 28, 2026, 10:26 p.m. This repo has been linked 2 different CVEs too.

Read-only Linux host checker for supply-chain incident response, including vulnerable kernel posture, risky module state, and known developer-tooling persistence indicators

JavaScript PowerShell

Updated: 2 days, 10 hours ago
1 stars 0 fork 0 watcher
Born at : May 13, 2026, 10:54 p.m. This repo has been linked 45 different CVEs too.

Automated GitHub Actions workflow that fetches and updates the latest cybersecurity news every Tuesday and Thursday using RSS feeds.

Updated: 2 weeks, 5 days ago
0 stars 0 fork 0 watcher
Born at : March 25, 2026, 8:04 a.m. This repo has been linked 1 different CVEs too.

tech news

Python

Updated: 1 month, 1 week ago
0 stars 0 fork 0 watcher
Born at : Dec. 3, 2025, 12:31 a.m. This repo has been linked 1 different CVEs too.

None

PowerShell Shell

Updated: 1 month, 1 week ago
1 stars 0 fork 0 watcher
Born at : Dec. 30, 2024, 12:41 p.m. This repo has been linked 5 different CVEs too.

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

security cve exploit poc vulnerability

Updated: 1 month, 1 week ago
7810 stars 1261 fork 1261 watcher
Born at : Dec. 8, 2019, 1:03 p.m. This repo has been linked 718 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2026-20245 vulnerability anywhere in the article.

  • The Hacker News
Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials

Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability to obtain initial access. "Although tactics differ between ... Read more

Published Date: Jul 02, 2026 (1 week, 5 days ago)
  • The Hacker News
ThreatsDay: AI Compute Hijacking, Apple Email Flaw, BlueHammer Ransomware + 14 Stories

This week’s security news is mostly about weak spots.Browsers, bots, sandboxes, AI systems, and email flows all show the same problem in different ways. Everything looks normal until someone tests a s ... Read more

Published Date: Jul 02, 2026 (1 week, 5 days ago)
  • The Hacker News
AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack

Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent. Its Threat Research Team calls the operator JADEPUFFER and says a large ... Read more

Published Date: Jul 02, 2026 (1 week, 6 days ago)
  • The Hacker News
FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations

The recently discovered financially-motivated FortiBleed campaign has been attributed to INC and Lynx ransomware operations, indicating that the verified, stolen credentials were intended for follow-o ... Read more

Published Date: Jul 02, 2026 (1 week, 6 days ago)
  • The Hacker News
New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos

Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories ... Read more

Published Date: Jul 02, 2026 (1 week, 6 days ago)
  • The Hacker News
SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog, cit ... Read more

Published Date: Jul 02, 2026 (1 week, 6 days ago)
  • The Hacker News
Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters

Argo CD, a widely used tool for deploying software to Kubernetes, has an unpatched flaw in its repo-server component that lets an unauthenticated attacker run code, provided they can reach the compone ... Read more

Published Date: Jul 01, 2026 (1 week, 6 days ago)
  • The Hacker News
Critical Cursor Flaws Could Let Prompt Injection Escape Sandbox and Run Commands

Two flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor's safety sandbox and run any command on a developer's computer. There is no click to fall fo ... Read more

Published Date: Jul 01, 2026 (1 week, 6 days ago)
  • The Hacker News
Progress Kemp LoadMaster Pre-Auth RCE Flaw Faces Active Exploitation Attempts

A recently disclosed critical security flaw impacting Progress Kemp LoadMaster is seeing active exploitation attempts, according to an advisory from eSentire's Threat Response Unit (TRU). The Canadian ... Read more

Published Date: Jul 01, 2026 (1 week, 6 days ago)
  • The Hacker News
AI-Generated Browser Ransomware Abuses Chromium API on Windows and Android

Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic browser-malware concepts with a real browser capabili ... Read more

Published Date: Jul 01, 2026 (1 week, 6 days ago)
  • The Hacker News
Citrix Patches Six NetScaler Flaws Allowing File Read and Denial-of-Service

Citrix on Tuesday released security updates to address multiple flaws in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) that could be exploited by an attacker to f ... Read more

Published Date: Jul 01, 2026 (2 weeks ago)
  • The Hacker News
RustDuck Botnet Rebuilds in Rust to Hijack Routers and Servers for DDoS

A new two-stage malware family called RustDuck is hijacking home routers, IP cameras, Android boxes, and poorly secured servers, then stitching them into a network built to knock websites and online s ... Read more

Published Date: Jun 30, 2026 (2 weeks ago)
  • The Hacker News
Langflow RCE Exploited to Deploy Monero Miner on Exposed AI App Endpoints

Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The activity has been found to weaponize CVE-2026- ... Read more

Published Date: Jun 30, 2026 (2 weeks ago)
  • The Hacker News
Attackers Exploit SimpleHelp CVE-2026-48558 to Deploy TaskWeaver and Djinn Stealer

An unknown threat actor has been observed exploiting a recently disclosed maximum-severity security flaw in SimpleHelp to deliver two previously unreported malware families, TaskWeaver and Djinn Steal ... Read more

Published Date: Jun 30, 2026 (2 weeks ago)
  • The Hacker News
AirDrop and Quick Share Flaws Let Nearby Attackers Trigger Crashes and Bypass Checks

Two researchers have found six security flaws in AirDrop and Quick Share, the wireless features that beam files between nearby devices with no cables or shared network. An attacker within wireless ran ... Read more

Published Date: Jun 30, 2026 (2 weeks ago)
  • The Hacker News
Progress Kemp LoadMaster Flaw Could Let Attackers Run Root Commands Pre-Auth

A critical vulnerability in Progress Kemp LoadMaster can let an unauthenticated attacker execute arbitrary commands as root on the appliance by sending a crafted request to its API. The flaw, tracked ... Read more

Published Date: Jun 30, 2026 (2 weeks, 1 day ago)
  • The Cyber Express
Apple Security Update Patches 30+ Vulnerabilities in iOS 26.5.2

The latest Apple Security Update brings fixes for more than 30 security vulnerabilities in iOS 26.5.2 and iPadOS 26.5.2, addressing flaws across the kernel, WebKit, WebRTC, libxslt, and IOGPUFamily. R ... Read more

Published Date: Jun 30, 2026 (2 weeks, 1 day ago)
  • The Hacker News
Apple Patches 30+ iOS, macOS, Safari Flaws, Including AI-Discovered WebKit Bugs

Apple on Monday released security updates for iOS, macOS, and the Safari web browser to address over three dozen flaws, including four vulnerabilities in WebKit that were discovered using artificial i ... Read more

Published Date: Jun 30, 2026 (2 weeks, 1 day ago)
  • The Hacker News
Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild

A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber. The vulnerability, tracked as CVE-2026-46817 (CVSS score: 9.8), r ... Read more

Published Date: Jun 30, 2026 (2 weeks, 1 day ago)
  • The Hacker News
Gamaredon Expands Ukraine Attacks with New Malware and Cloud Service Abuse

A Russian advanced persistent threat (APT) group has continued to evolve and expand its malware arsenal as part of its ongoing cyber onslaught against Ukraine throughout 2025. Slovakian cybersecurity ... Read more

Published Date: Jun 29, 2026 (2 weeks, 1 day ago)

The following table lists the changes that have been made to the CVE-2026-20245 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Jun. 17, 2026

    Action Type Old Value New Value
    Added SSVC {'id': 'CVE-2026-20245', 'role': 'CISA Coordinator', 'options': [{'exploitation': 'active'}, {'automatable': 'no'}, {'technicalImpact': 'total'}], 'version': '2.0.3', 'timestamp': '2026-06-05T00:00:00+00:00'}
  • CVE Modified by [email protected]

    Jun. 17, 2026

    Action Type Old Value New Value
    Added Affected [{'vendor': 'Cisco', 'product': 'Cisco Catalyst SD-WAN Controller', 'versions': [{'status': 'affected', 'version': '20.6.4'}, {'status': 'affected', 'version': '20.9.2'}, {'status': 'affected', 'version': '20.3.6'}, {'status': 'affected', 'version': '20.7.2'}, {'status': 'affected', 'version': '20.7.1'}, {'status': 'affected', 'version': '20.5.1'}, {'status': 'affected', 'version': '20.6.2'}, {'status': 'affected', 'version': '19.3.0'}, {'status': 'affected', 'version': '20.6.1'}, {'status': 'affected', 'version': '17.2.4'}, {'status': 'affected', 'version': '18.2.0'}, {'status': 'affected', 'version': '18.4.6'}, {'status': 'affected', 'version': '19.1.0'}, {'status': 'affected', 'version': '19.2.4'}, {'status': 'affected', 'version': '19.2.929'}, {'status': 'affected', 'version': '18.3.8'}, {'status': 'affected', 'version': '18.4.303'}, {'status': 'affected', 'version': '18.3.7'}, {'status': 'affected', 'version': '18.4.1'}, {'status': 'affected', 'version': '19.2.097'}, {'status': 'affected', 'version': '19.2.0'}, {'status': 'affected', 'version': '19.2.099'}, {'status': 'affected', 'version': '18.3.6'}, {'status': 'affected', 'version': '20.4.2'}, {'status': 'affected', 'version': '19.0.0'}, {'status': 'affected', 'version': '20.9.1'}, {'status': 'affected', 'version': '20.3.5'}, {'status': 'affected', 'version': '20.3.1'}, {'status': 'affected', 'version': '18.3.5'}, {'status': 'affected', 'version': '20.6.3'}, {'status': 'affected', 'version': '18.4.3'}, {'status': 'affected', 'version': '18.4.4'}, {'status': 'affected', 'version': '18.3.3'}, {'status': 'affected', 'version': '17.2.8'}, {'status': 'affected', 'version': '20.8.1'}, {'status': 'affected', 'version': '19.2.32'}, {'status': 'affected', 'version': '19.2.2'}, {'status': 'affected', 'version': '17.2.5'}, {'status': 'affected', 'version': '18.4.0'}, {'status': 'affected', 'version': '20.4.1.1'}, {'status': 'affected', 'version': '20.1.3'}, {'status': 'affected', 'version': '20.1.2'}, {'status': 'affected', 'version': '17.2.10'}, {'status': 'affected', 'version': '19.2.098'}, {'status': 'affected', 'version': '20.1.1'}, {'status': 'affected', 'version': '17.2.6'}, {'status': 'affected', 'version': '19.2.1'}, {'status': 'affected', 'version': '18.3.4'}, {'status': 'affected', 'version': '20.4.1'}, {'status': 'affected', 'version': '17.2.9'}, {'status': 'affected', 'version': '19.2.31'}, {'status': 'affected', 'version': '19.0.1a'}, {'status': 'affected', 'version': '18.3.0'}, {'status': 'affected', 'version': '17.2.7'}, {'status': 'affected', 'version': '18.4.5'}, {'status': 'affected', 'version': '20.3.4'}, {'status': 'affected', 'version': '20.3.3'}, {'status': 'affected', 'version': '20.4.1.2'}, {'status': 'affected', 'version': '20.3.2'}, {'status': 'affected', 'version': '18.3.1'}, {'status': 'affected', 'version': '20.1.12'}, {'status': 'affected', 'version': '19.2.3'}, {'status': 'affected', 'version': '20.10.1'}, {'status': 'affected', 'version': '20.6.5'}, {'status': 'affected', 'version': '20.3.7'}, {'status': 'affected', 'version': '20.9.3'}, {'status': 'affected', 'version': '20.11.1'}, {'status': 'affected', 'version': '20.6.3.2'}, {'status': 'affected', 'version': '20.4.2.3'}, {'status': 'affected', 'version': '20.3.5.1'}, {'status': 'affected', 'version': '20.3.4.3'}, {'status': 'affected', 'version': '20.9.3.1'}, {'status': 'affected', 'version': '20.6.4.1'}, {'status': 'affected', 'version': '20.3.3.2'}, {'status': 'affected', 'version': '20.6.5.2'}, {'status': 'affected', 'version': '20.3.7.1'}, {'status': 'affected', 'version': '20.11.1.1'}, {'status': 'affected', 'version': '20.10.1.1'}, {'status': 'affected', 'version': '20.6.1.2'}, {'status': 'affected', 'version': '20.1.3.1'}, {'status': 'affected', 'version': '20.9.2.2'}, {'status': 'affected', 'version': '20.6.5.3'}, {'status': 'affected', 'version': '20.6.3.3'}, {'status': 'affected', 'version': '20.3.7.2'}, {'status': 'affected', 'version': '20.6.5.4'}, {'status': 'affected', 'version': '20.9.2.3'}, {'status': 'affected', 'version': '20.9.4'}, {'status': 'affected', 'version': '20.12.1'}, {'status': 'affected', 'version': '20.3.8'}, {'status': 'affected', 'version': '20.6.6'}, {'status': 'affected', 'version': '20.12.2'}, {'status': 'affected', 'version': '20.13.1'}, {'status': 'affected', 'version': '20.9.5'}, {'status': 'affected', 'version': '20.12.3'}, {'status': 'affected', 'version': '20.6.7'}, {'status': 'affected', 'version': '20.9.5.1'}, {'status': 'affected', 'version': '20.14.1'}, {'status': 'affected', 'version': '20.12.3.1'}, {'status': 'affected', 'version': '20.12.4'}, {'status': 'affected', 'version': '20.15.1'}, {'status': 'affected', 'version': '20.9.6'}, {'status': 'affected', 'version': '20.6.8'}, {'status': 'affected', 'version': '20.16.1'}, {'status': 'affected', 'version': '20.9.5.3'}, {'status': 'affected', 'version': '20.12.4.1'}, {'status': 'affected', 'version': '20.15.2'}, {'status': 'affected', 'version': '20.12.5'}, {'status': 'affected', 'version': '20.9.7'}, {'status': 'affected', 'version': '20.15.3'}, {'status': 'affected', 'version': '20.12.5.1'}, {'status': 'affected', 'version': '20.12.5.2'}, {'status': 'affected', 'version': '20.15.4'}, {'status': 'affected', 'version': '20.9.7.1'}, {'status': 'affected', 'version': '20.18.1'}, {'status': 'affected', 'version': '20.12.6'}, {'status': 'affected', 'version': '20.9.8'}, {'status': 'affected', 'version': '20.15.4.1'}, {'status': 'affected', 'version': '20.18.2'}, {'status': 'affected', 'version': '26.1.1'}, {'status': 'affected', 'version': '20.15.4.2'}, {'status': 'affected', 'version': '20.18.2.1'}, {'status': 'affected', 'version': '20.12.5.3'}, {'status': 'affected', 'version': '20.12.6.1'}, {'status': 'affected', 'version': '20.9.8.2'}, {'status': 'affected', 'version': '20.15.5'}, {'status': 'affected', 'version': '20.18.3'}, {'status': 'affected', 'version': '20.12.7'}, {'status': 'affected', 'version': '20.9.9'}, {'status': 'affected', 'version': '20.18.2.2'}, {'status': 'affected', 'version': '20.12.5.4'}, {'status': 'affected', 'version': '20.12.7.1'}, {'status': 'affected', 'version': '20.15.5.1'}, {'status': 'affected', 'version': '20.15.4.3'}, {'status': 'affected', 'version': '20.12.6.2'}, {'status': 'affected', 'version': '20.15.5.2'}, {'status': 'affected', 'version': '20.15.4.4'}, {'status': 'affected', 'version': '26.1.1.1'}, {'status': 'affected', 'version': '20.9.9.1'}, {'status': 'affected', 'version': '20.18.3.1'}, {'status': 'affected', 'version': '26.1.1.2'}, {'status': 'affected', 'version': '20.15.4.5'}, {'status': 'affected', 'version': '20.15.5.3'}], 'defaultStatus': 'unknown'}, {'vendor': 'Cisco', 'product': 'Cisco Catalyst SD-WAN Manager', 'versions': [{'status': 'affected', 'version': '20.1.12'}, {'status': 'affected', 'version': '19.2.1'}, {'status': 'affected', 'version': '18.4.4'}, {'status': 'affected', 'version': '18.4.5'}, {'status': 'affected', 'version': '20.1.1.1'}, {'status': 'affected', 'version': '20.1.1'}, {'status': 'affected', 'version': '19.3.0'}, {'status': 'affected', 'version': '19.2.2'}, {'status': 'affected', 'version': '19.2.099'}, {'status': 'affected', 'version': '18.3.6'}, {'status': 'affected', 'version': '18.3.7'}, {'status': 'affected', 'version': '19.2.0'}, {'status': 'affected', 'version': '18.3.8'}, {'status': 'affected', 'version': '19.0.0'}, {'status': 'affected', 'version': '19.1.0'}, {'status': 'affected', 'version': '18.4.302'}, {'status': 'affected', 'version': '18.4.303'}, {'status': 'affected', 'version': '19.2.097'}, {'status': 'affected', 'version': '19.2.098'}, {'status': 'affected', 'version': '17.2.10'}, {'status': 'affected', 'version': '18.3.6.1'}, {'status': 'affected', 'version': '19.0.1a'}, {'status': 'affected', 'version': '18.2.0'}, {'status': 'affected', 'version': '18.4.3'}, {'status': 'affected', 'version': '18.4.1'}, {'status': 'affected', 'version': '17.2.8'}, {'status': 'affected', 'version': '18.3.3.1'}, {'status': 'affected', 'version': '18.4.0'}, {'status': 'affected', 'version': '18.3.1'}, {'status': 'affected', 'version': '17.2.6'}, {'status': 'affected', 'version': '17.2.9'}, {'status': 'affected', 'version': '18.3.4'}, {'status': 'affected', 'version': '17.2.5'}, {'status': 'affected', 'version': '18.3.1.1'}, {'status': 'affected', 'version': '18.3.5'}, {'status': 'affected', 'version': '18.4.0.1'}, {'status': 'affected', 'version': '18.3.3'}, {'status': 'affected', 'version': '17.2.7'}, {'status': 'affected', 'version': '17.2.4'}, {'status': 'affected', 'version': '18.3.0'}, {'status': 'affected', 'version': '19.2.3'}, {'status': 'affected', 'version': '18.4.501_ES'}, {'status': 'affected', 'version': '20.3.1'}, {'status': 'affected', 'version': '20.1.2'}, {'status': 'affected', 'version': '19.2.929'}, {'status': 'affected', 'version': '19.2.31'}, {'status': 'affected', 'version': '20.3.2'}, {'status': 'affected', 'version': '19.2.32'}, {'status': 'affected', 'version': '20.3.2_925'}, {'status': 'affected', 'version': '20.3.2.1'}, {'status': 'affected', 'version': '20.3.2.1_927'}, {'status': 'affected', 'version': '18.4.6'}, {'status': 'affected', 'version': '20.1.2_937'}, {'status': 'affected', 'version': '20.4.1'}, {'status': 'affected', 'version': '20.3.2_928'}, {'status': 'affected', 'version': '20.3.2_929'}, {'status': 'affected', 'version': '20.4.1.0.1'}, {'status': 'affected', 'version': '20.3.2.1_930'}, {'status': 'affected', 'version': '19.2.4'}, {'status': 'affected', 'version': '20.5.0.1.1'}, {'status': 'affected', 'version': '20.4.1.1'}, {'status': 'affected', 'version': '20.3.3'}, {'status': 'affected', 'version': '19.2.4.0.1'}, {'status': 'affected', 'version': '20.3.2_937'}, {'status': 'affected', 'version': '20.3.3.1'}, {'status': 'affected', 'version': '20.5.1'}, {'status': 'affected', 'version': '20.1.3'}, {'status': 'affected', 'version': '20.3.3.0.4'}, {'status': 'affected', 'version': '20.3.3.1.2'}, {'status': 'affected', 'version': '20.3.3.1.1'}, {'status': 'affected', 'version': '20.4.1.2'}, {'status': 'affected', 'version': '20.3.3.0.2'}, {'status': 'affected', 'version': '20.4.1.1.5'}, {'status': 'affected', 'version': '20.4.1.0.01'}, {'status': 'affected', 'version': '20.4.1.0.02'}, {'status': 'affected', 'version': '20.3.3.1.7'}, {'status': 'affected', 'version': '20.3.3.1.5'}, {'status': 'affected', 'version': '20.5.1.0.1'}, {'status': 'affected', 'version': '20.3.3.1.10'}, {'status': 'affected', 'version': '20.3.3.0.8'}, {'status': 'affected', 'version': '20.4.2'}, {'status': 'affected', 'version': '20.4.2.0.1'}, {'status': 'affected', 'version': '20.3.4'}, {'status': 'affected', 'version': '20.3.3.0.14'}, {'status': 'affected', 'version': '19.2.4.0.8'}, {'status': 'affected', 'version': '19.2.4.0.9'}, {'status': 'affected', 'version': '20.3.4.0.1'}, {'status': 'affected', 'version': '20.3.2.0.5'}, {'status': 'affected', 'version': '20.6.1'}, {'status': 'affected', 'version': '20.5.1.0.2'}, {'status': 'affected', 'version': '20.3.3.0.17'}, {'status': 'affected', 'version': '20.6.1.1'}, {'status': 'affected', 'version': '20.6.0.18.3'}, {'status': 'affected', 'version': '20.3.2.0.6'}, {'status': 'affected', 'version': '20.6.0.18.4'}, {'status': 'affected', 'version': '20.4.2.0.2'}, {'status': 'affected', 'version': '20.3.3.0.16'}, {'status': 'affected', 'version': '20.3.4.0.5'}, {'status': 'affected', 'version': '20.6.1.0.1'}, {'status': 'affected', 'version': '20.3.4.0.6'}, {'status': 'affected', 'version': '20.6.2'}, {'status': 'affected', 'version': '20.7.1EFT2'}, {'status': 'affected', 'version': '20.3.4.0.9'}, {'status': 'affected', 'version': '20.3.4.0.11'}, {'status': 'affected', 'version': '20.4.2.0.4'}, {'status': 'affected', 'version': '20.3.3.0.18'}, {'status': 'affected', 'version': '20.7.1'}, {'status': 'affected', 'version': '20.6.2.1'}, {'status': 'affected', 'version': '20.3.4.1'}, {'status': 'affected', 'version': '20.5.1.1'}, {'status': 'affected', 'version': '20.4.2.1'}, {'status': 'affected', 'version': '20.4.2.1.1'}, {'status': 'affected', 'version': '20.3.4.1.1'}, {'status': 'affected', 'version': '20.3.813'}, {'status': 'affected', 'version': '20.3.4.0.19'}, {'status': 'affected', 'version': '20.4.2.2.1'}, {'status': 'affected', 'version': '20.5.1.2'}, {'status': 'affected', 'version': '20.3.4.2'}, {'status': 'affected', 'version': '20.3.814'}, {'status': 'affected', 'version': '20.4.2.2'}, {'status': 'affected', 'version': '20.6.2.2'}, {'status': 'affected', 'version': '20.3.4.2.1'}, {'status': 'affected', 'version': '20.7.1.1'}, {'status': 'affected', 'version': '20.3.4.1.2'}, {'status': 'affected', 'version': '20.6.2.2.2'}, {'status': 'affected', 'version': '20.3.4.0.20'}, {'status': 'affected', 'version': '20.6.2.2.3'}, {'status': 'affected', 'version': '20.4.2.2.2'}, {'status': 'affected', 'version': '20.3.5'}, {'status': 'affected', 'version': '20.6.2.0.4'}, {'status': 'affected', 'version': '20.4.2.2.3'}, {'status': 'affected', 'version': '20.3.4.0.24'}, {'status': 'affected', 'version': '20.6.2.2.7'}, {'status': 'affected', 'version': '20.6.3'}, {'status': 'affected', 'version': '20.3.4.2.2'}, {'status': 'affected', 'version': '20.4.2.2.4'}, {'status': 'affected', 'version': '20.7.1.0.2'}, {'status': 'affected', 'version': '20.8.1'}, {'status': 'affected', 'version': '20.3.5.0.8'}, {'status': 'affected', 'version': '20.3.5.0.9'}, {'status': 'affected', 'version': '20.4.2.2.8'}, {'status': 'affected', 'version': '20.3.5.0.7'}, {'status': 'affected', 'version': '20.6.3.0.7'}, {'status': 'affected', 'version': '20.6.3.0.5'}, {'status': 'affected', 'version': '20.6.3.0.10'}, {'status': 'affected', 'version': '20.6.3.0.2'}, {'status': 'affected', 'version': '20.7.2'}, {'status': 'affected', 'version': '20.9.1EFT2'}, {'status': 'affected', 'version': '20.6.3.0.11'}, {'status': 'affected', 'version': '20.6.3.1'}, {'status': 'affected', 'version': '20.6.3.0.14'}, {'status': 'affected', 'version': '20.6.4'}, {'status': 'affected', 'version': '20.9.1'}, {'status': 'affected', 'version': '20.6.3.0.19'}, {'status': 'affected', 'version': '20.6.3.0.18'}, {'status': 'affected', 'version': '20.3.6'}, {'status': 'affected', 'version': '20.9.1.1'}, {'status': 'affected', 'version': '20.6.3.0.23'}, {'status': 'affected', 'version': '20.6.4.0.4'}, {'status': 'affected', 'version': '20.6.3.0.25'}, {'status': 'affected', 'version': '20.6.5'}, {'status': 'affected', 'version': '20.6.3.0.27'}, {'status': 'affected', 'version': '20.9.2'}, {'status': 'affected', 'version': '20.9.2.1'}, {'status': 'affected', 'version': '20.6.3.0.29'}, {'status': 'affected', 'version': '20.6.3.0.31'}, {'status': 'affected', 'version': '20.6.3.0.32'}, {'status': 'affected', 'version': '20.10.1'}, {'status': 'affected', 'version': '20.6.3.0.33'}, {'status': 'affected', 'version': '20.9.2.0.01'}, {'status': 'affected', 'version': '20.9.1_LI_Images'}, {'status': 'affected', 'version': '20.10.1_LI_Images'}, {'status': 'affected', 'version': '20.9.2_LI_Images'}, {'status': 'affected', 'version': '20.3.7'}, {'status': 'affected', 'version': '20.9.3'}, {'status': 'affected', 'version': '20.6.5.1'}, {'status': 'affected', 'version': '20.11.1'}, {'status': 'affected', 'version': '20.11.1_LI_Images'}, {'status': 'affected', 'version': '20.9.3_LI_ Images'}, {'status': 'affected', 'version': '20.6.3.1.1'}, {'status': 'affected', 'version': '20.9.3.0.2'}, {'status': 'affected', 'version': '20.6.5.1.2'}, {'status': 'affected', 'version': '20.9.3.0.3'}, {'status': 'affected', 'version': '20.4.2.3'}, {'status': 'affected', 'version': '20.6.3.2'}, {'status': 'affected', 'version': '20.6.4.1'}, {'status': 'affected', 'version': '20.6.3.0.38'}, {'status': 'affected', 'version': '20.6.3.0.39'}, {'status': 'affected', 'version': '20.3.5.1'}, {'status': 'affected', 'version': '20.3.4.3'}, {'status': 'affected', 'version': '20.9.3.1'}, {'status': 'affected', 'version': '20.3.3.2'}, {'status': 'affected', 'version': '20.6.5.2'}, {'status': 'affected', 'version': '20.3.7.1'}, {'status': 'affected', 'version': '20.10.1.1'}, {'status': 'affected', 'version': '20.6.5.2.1'}, {'status': 'affected', 'version': '20.3.4.0.25'}, {'status': 'affected', 'version': '20.6.2.2.4'}, {'status': 'affected', 'version': '20.6.1.2'}, {'status': 'affected', 'version': '20.11.1.1'}, {'status': 'affected', 'version': '20.9.3.0.5'}, {'status': 'affected', 'version': '20.3.4.0.26'}, {'status': 'affected', 'version': '20.6.5.1.3'}, {'status': 'affected', 'version': '20.6.3.0.40'}, {'status': 'affected', 'version': '20.1.3.1'}, {'status': 'affected', 'version': '20.9.2.2'}, {'status': 'affected', 'version': '20.6.5.2.3'}, {'status': 'affected', 'version': '20.6.5.1.4'}, {'status': 'affected', 'version': '20.6.5.3'}, {'status': 'affected', 'version': '20.6.3.0.41'}, {'status': 'affected', 'version': '20.9.3.0.7'}, {'status': 'affected', 'version': '20.6.5.1.5'}, {'status': 'affected', 'version': '20.9.3.0.4'}, {'status': 'affected', 'version': '20.6.4.0.19'}, {'status': 'affected', 'version': '20.6.5.1.6'}, {'status': 'affected', 'version': '20.9.3.0.8'}, {'status': 'affected', 'version': '20.6.3.3'}, {'status': 'affected', 'version': '20.3.7.2'}, {'status': 'affected', 'version': '20.6.5.4'}, {'status': 'affected', 'version': '20.6.5.1.7'}, {'status': 'affected', 'version': '20.9.3.0.12'}, {'status': 'affected', 'version': '20.6.4.2'}, {'status': 'affected', 'version': '20.6.5.5'}, {'status': 'affected', 'version': '20.9.3.2'}, {'status': 'affected', 'version': '20.11.1.2'}, {'status': 'affected', 'version': '20.6.3.4'}, {'status': 'affected', 'version': '20.10.1.2'}, {'status': 'affected', 'version': '20.6.5.1.9'}, {'status': 'affected', 'version': '20.9.3.0.16'}, {'status': 'affected', 'version': '20.6.3.0.45'}, {'status': 'affected', 'version': '20.6.5.1.10'}, {'status': 'affected', 'version': '20.9.3.0.17'}, {'status': 'affected', 'version': '20.6.5.2.4'}, {'status': 'affected', 'version': '20.6.4.0.21'}, {'status': 'affected', 'version': '20.9.3.0.18'}, {'status': 'affected', 'version': '20.6.3.0.46'}, {'status': 'affected', 'version': '20.6.3.0.47'}, {'status': 'affected', 'version': '20.9.2.3'}, {'status': 'affected', 'version': '20.9.3.2_LI_Images'}, {'status': 'affected', 'version': '20.9.3.0.21'}, {'status': 'affected', 'version': '20.9.3.0.20'}, {'status': 'affected', 'version': '20.9.4_LI_Images'}, {'status': 'affected', 'version': '20.9.4'}, {'status': 'affected', 'version': '20.6.5.1.11'}, {'status': 'affected', 'version': '20.12.1'}, {'status': 'affected', 'version': '20.12.1_LI_Images'}, {'status': 'affected', 'version': '20.6.5.1.13'}, {'status': 'affected', 'version': '20.9.3.0.23'}, {'status': 'affected', 'version': '20.6.5.2.8'}, {'status': 'affected', 'version': '20.9.4.1'}, {'status': 'affected', 'version': '20.9.4.1_LI_Images'}, {'status': 'affected', 'version': '20.9.3.0.25'}, {'status': 'affected', 'version': '20.9.3.0.24'}, {'status': 'affected', 'version': '20.6.5.1.14'}, {'status': 'affected', 'version': '20.3.8'}, {'status': 'affected', 'version': '20.6.6'}, {'status': 'affected', 'version': '20.9.3.0.26'}, {'status': 'affected', 'version': '20.6.3.0.51'}, {'status': 'affected', 'version': '20.9.3.0.29'}, {'status': 'affected', 'version': '20.12.2'}, {'status': 'affected', 'version': '20.12.2_LI_Images'}, {'status': 'affected', 'version': '20.6.6.0.1'}, {'status': 'affected', 'version': '20.13.1_LI_Images'}, {'status': 'affected', 'version': '20.9.4.0.4'}, {'status': 'affected', 'version': '20.13.1'}, {'status': 'affected', 'version': '20.9.4.1.1'}, {'status': 'affected', 'version': '20.9.5'}, {'status': 'affected', 'version': '20.9.5_LI_Images'}, {'status': 'affected', 'version': '20.12.3_LI_Images'}, {'status': 'affected', 'version': '20.12.3'}, {'status': 'affected', 'version': '20.9.4.1.3'}, {'status': 'affected', 'version': '20.6.7'}, {'status': 'affected', 'version': '20.9.5.1'}, {'status': 'affected', 'version': '20.9.5.1_LI_Images'}, {'status': 'affected', 'version': '20.9.4.1.6'}, {'status': 'affected', 'version': '20.14.1'}, {'status': 'affected', 'version': '20.14.1_LI_Images'}, {'status': 'affected', 'version': '20.9.5.2'}, {'status': 'affected', 'version': '20.9.5.2.1'}, {'status': 'affected', 'version': '20.9.5.2_LI_Images'}, {'status': 'affected', 'version': '20.12.3.1'}, {'status': 'affected', 'version': '20.12.4'}, {'status': 'affected', 'version': '20.15.1_LI_Images'}, {'status': 'affected', 'version': '20.15.1'}, {'status': 'affected', 'version': '20.9.5.1.4'}, {'status': 'affected', 'version': '20.9.5.2.7'}, {'status': 'affected', 'version': '20.9.5.2.13'}, {'status': 'affected', 'version': '20.9.6'}, {'status': 'affected', 'version': '20.9.6_LI_Images'}, {'status': 'affected', 'version': '20.9.5.2.14'}, {'status': 'affected', 'version': '20.6.8'}, {'status': 'affected', 'version': '20.12.4.0.03'}, {'status': 'affected', 'version': '20.16.1'}, {'status': 'affected', 'version': '20.16.1_LI_Images'}, {'status': 'affected', 'version': '20.12.4_LI_Images'}, {'status': 'affected', 'version': '20.9.5.2.16'}, {'status': 'affected', 'version': '20.12.4.0.4'}, {'status': 'affected', 'version': '20.12.401'}, {'status': 'affected', 'version': '20.9.5.3'}, {'status': 'affected', 'version': '20.9.5.3_LI_Images'}, {'status': 'affected', 'version': '20.12.4.1_LI_Images'}, {'status': 'affected', 'version': '20.12.4.1'}, {'status': 'affected', 'version': '20.9.5.2.21'}, {'status': 'affected', 'version': '20.9.6.0.3'}, {'status': 'affected', 'version': '20.12.4.0.6'}, {'status': 'affected', 'version': '20.15.2_LI_Images'}, {'status': 'affected', 'version': '20.15.2'}, {'status': 'affected', 'version': '20.12.4_Monthly_ES5'}, {'status': 'affected', 'version': '20.12.5'}, {'status': 'affected', 'version': '20.12.5_LI_Images'}, {'status': 'affected', 'version': '20.9.7_LI _Images'}, {'status': 'affected', 'version': '20.9.7'}, {'status': 'affected', 'version': '20.15.3'}, {'status': 'affected', 'version': '20.15.3_ LI _Images'}, {'status': 'affected', 'version': '20.12.501'}, {'status': 'affected', 'version': '20.12.5.1_LI_Images'}, {'status': 'affected', 'version': '20.12.5.1'}, {'status': 'affected', 'version': '20.12.5.2_LI_Images'}, {'status': 'affected', 'version': '20.12.5.2'}, {'status': 'affected', 'version': '20.15.3.1'}, {'status': 'affected', 'version': '20.15.4_LI_Images'}, {'status': 'affected', 'version': '20.15.4'}, {'status': 'affected', 'version': '20.9.7.1_LI _Images'}, {'status': 'affected', 'version': '20.9.7.1'}, {'status': 'affected', 'version': '20.18.1'}, {'status': 'affected', 'version': '20.18.1_LI_Images'}, {'status': 'affected', 'version': '20.12.6_LI_Images'}, {'status': 'affected', 'version': '20.12.6'}, {'status': 'affected', 'version': '20.12.5.1.01'}, {'status': 'affected', 'version': '26.0.1'}, {'status': 'affected', 'version': '20.9.8'}, {'status': 'affected', 'version': '20.9.8_LI_Images'}, {'status': 'affected', 'version': '20.18.2'}, {'status': 'affected', 'version': '20.15.4.1_LI_Images'}, {'status': 'affected', 'version': '20.15.4.1'}, {'status': 'affected', 'version': '20.18.2_LI_Images'}, {'status': 'affected', 'version': '26.1.1'}, {'status': 'affected', 'version': '26.1.1_LI_Images'}, {'status': 'affected', 'version': '20.18.2.1_LI_Images'}, {'status': 'affected', 'version': '20.18.2.1'}, {'status': 'affected', 'version': '20.15.4.2_LI_Images'}, {'status': 'affected', 'version': '20.15.4.2'}, {'status': 'affected', 'version': '20.12.6.1'}, {'status': 'affected', 'version': '20.12.6.1_LI_Images'}, {'status': 'affected', 'version': '20.12.5.3'}, {'status': 'affected', 'version': '20.12.5.3_LI_Images'}, {'status': 'affected', 'version': '20.9.8.2_LI_Images'}, {'status': 'affected', 'version': '20.9.8.2'}, {'status': 'affected', 'version': '20.18.3'}, {'status': 'affected', 'version': '20.18.3_LI_Images'}, {'status': 'affected', 'version': '20.15.5'}, {'status': 'affected', 'version': '20.15.5_LI_Images'}, {'status': 'affected', 'version': '20.12.7'}, {'status': 'affected', 'version': '20.12.7_LI_Images'}, {'status': 'affected', 'version': '20.9.9'}, {'status': 'affected', 'version': '20.9.9_LI_Images'}, {'status': 'affected', 'version': '20.18.2.2'}, {'status': 'affected', 'version': '20.18.2.2_LI_Images'}, {'status': 'affected', 'version': '20.12.5.4'}, {'status': 'affected', 'version': '20.12.5.4_LI_ Images'}, {'status': 'affected', 'version': '20.12.7.1_LI_Images'}, {'status': 'affected', 'version': '20.12.6.2_LI_Images'}, {'status': 'affected', 'version': '20.12.7.1'}, {'status': 'affected', 'version': '20.15.5.1'}, {'status': 'affected', 'version': '20.15.4.3'}, {'status': 'affected', 'version': '20.15.4.3_LI_Images'}, {'status': 'affected', 'version': '20.15.5.1_LI_Images'}, {'status': 'affected', 'version': '20.12.6.2'}, {'status': 'affected', 'version': '20.15.5.2'}, {'status': 'affected', 'version': '20.15.5.2_LI_Images'}, {'status': 'affected', 'version': '26.1.1.1_LI_Images'}, {'status': 'affected', 'version': '20.15.4.4'}, {'status': 'affected', 'version': '20.15.4.4_LI_Images'}, {'status': 'affected', 'version': '26.1.1.1'}, {'status': 'affected', 'version': '20.9.9.1_LI_Images'}, {'status': 'affected', 'version': '20.9.9.1'}], 'defaultStatus': 'unknown'}]
  • Initial Analysis by [email protected]

    Jun. 10, 2026

    Action Type Old Value New Value
    Added CPE Configuration OR *cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:* versions up to (excluding) 20.9.9.1 *cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:* versions from (including) 20.12.6 up to (excluding) 20.12.6.2 *cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:* versions from (including) 20.13 up to (excluding) 20.15.4.4 *cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:* versions from (including) 20.15.5 up to (excluding) 20.15.5.2 *cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:* versions from (including) 20.16 up to (excluding) 20.18.2.2 *cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:* versions from (including) 26.1 up to (excluding) 26.1.1.1 *cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.7:*:*:*:*:*:*:* *cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:* versions from (including) 20.10 up to (excluding) 20.12.5.4 *cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:* versions up to (excluding) 20.9.9.1 *cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:* versions from (including) 20.10 up to (excluding) 20.12.5.4 *cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:* versions from (including) 20.12.6 up to (excluding) 20.12.6.2 *cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:* versions from (including) 20.13 up to (excluding) 20.15.4.4 *cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:* versions from (including) 20.15.5 up to (excluding) 20.15.5.2 *cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:* versions from (including) 20.16 up to (excluding) 20.18.2.2 *cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:* versions from (including) 26.1 up to (excluding) 26.1.1.1 *cpe:2.3:a:cisco:sd-wan_vsmart_controller:20.12.7:*:*:*:*:*:*:*
    Added Reference Type Cisco Systems, Inc.: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-4uxFrdzx Types: Vendor Advisory
    Added Reference Type Cisco Systems, Inc.: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW Types: Vendor Advisory
    Added Reference Type CISA-ADP: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20245 Types: US Government Resource
  • CVE Modified by [email protected]

    Jun. 09, 2026

    Action Type Old Value New Value
    Changed Description A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by uploading a crafted file to the affected system. A successful exploit could allow the attacker to perform command injection attacks on an affected system and elevate their privileges as the root user. To exploit this vulnerability, the attacker must have netadmin privileges on the affected system. This would require valid credentials or exploitation of or . Cisco is not aware of successful exploitation by other methods. Cisco has observed limited cases where the exploitation of this bug resulted in a configuration change pushed to edge devices. Cisco recommends that customers upgrade to the fixed software that is documented in the that was published on May 14, 2026, and verify the configuration of the edge devices. A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator, formerly SD-WAN vBond, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by uploading a crafted file to the affected system. A successful exploit could allow the attacker to perform command injection attacks on an affected system and elevate their privileges as the root user.  To exploit this vulnerability, the attacker must have netadmin privileges on the affected system. This would require valid credentials or exploitation of or . Cisco is not aware of successful exploitation by other methods. Cisco has observed limited cases where the exploitation of this bug resulted in a configuration change pushed to edge devices. Cisco recommends that customers upgrade to the fixed software that is documented in the that was published on May 14, 2026, and verify the configuration of the edge devices.
  • CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0

    Jun. 09, 2026

    Action Type Old Value New Value
    Added Reference https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20245
  • CVE CISA KEV Update by 9119a7d8-5eab-497f-8521-727c672e3725

    Jun. 09, 2026

    Action Type Old Value New Value
    Added Date Added 2026-06-09
    Added Due Date 2026-06-09
    Added Required Action 2026-06-09
    Added Vulnerability Name 2026-06-09
  • New CVE Received by [email protected]

    Jun. 04, 2026

    Action Type Old Value New Value
    Added Description A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by uploading a crafted file to the affected system. A successful exploit could allow the attacker to perform command injection attacks on an affected system and elevate their privileges as the root user. To exploit this vulnerability, the attacker must have netadmin privileges on the affected system. This would require valid credentials or exploitation of or . Cisco is not aware of successful exploitation by other methods. Cisco has observed limited cases where the exploitation of this bug resulted in a configuration change pushed to edge devices. Cisco recommends that customers upgrade to the fixed software that is documented in the that was published on May 14, 2026, and verify the configuration of the edge devices.
    Added CVSS V3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    Added CWE CWE-116
    Added Reference https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-4uxFrdzx
    Added Reference https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.