Utopia Tech
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
SecurityAI-assisted1 min read

Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access

Cisco has issued critical security updates for a maximum-severity authentication bypass vulnerability (CVE-2026-20182, CVSS 10.0) in Catalyst SD-WAN Controller and Manager products. The flaw, affecting peering authentication mechanisms, has been actively exploited in limited attacks to gain unauthorized administrative access. Organizations using these SD-WAN solutions should prioritize immediate p

UT

Utopia Tech

May 14, 2026 · 1 min read

Share

Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited attacks. The vulnerability, tracked as CVE-2026-20182, carries a CVSS score of 10.0. "A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly

Originally published at thehackernews.com

#Authentication Bypass#Cisco#Critical Vulnerability#Cybersecurity#Malware#Sd-Wan#Vulnerabilities
Share
▸ Want a deeper look?

Talk to an architect about applying this to your stack.

60-minute technical evaluation, no obligation. We'll map the ideas in this article to your environment.

Schedule the call
▸ Continue reading

More from the journal

CISA Adds One Known Exploited Vulnerability to Catalog
Security

CISA Adds One Known Exploited Vulnerability to Catalog

1 min read

CISA Adds One Known Exploited Vulnerability to Catalog
Security

CISA Adds One Known Exploited Vulnerability to Catalog

1 min read

Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets
Security

Stealer Backdoor Found in 3 Node-IPC Versions Targeting Developer Secrets

1 min read

All posts
Skip to main content