CVE ID
CVE-2026-20182
Vulnerability Name
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
- Project: Cisco
- Product: Catalyst SD-WAN
Date
- Date Added: 2026-05-14
- Due Date: 2026-05-17
Description
Cisco Catalyst SD-WAN Controller & Manager contain an authentication bypass vulnerability that allows an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system.
Known To Be Used in Ransomware Campaigns?
Unknown
Action
Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlined in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
Additional Notes
CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW ; https://nvd.nist.gov/vuln/detail/CVE-2026-20182
Related Security News
- CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
- Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks
- Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
Top comments (0)