Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026
The zero-day, tracked as CVE-2026-20182, has been exploited in targeted attacks by a sophisticated threat actor identified as UAT-8616. The post Cisco Patche...
Cisco
20 articles
CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits
The U.S.
Frequently asked questions about the continued exploitation of Cisco Catalyst SD-WAN vulnerabilities (CVE-2026-20182)
Multiple critical authentication bypass vulnerabilities in Cisco Catalyst SD-WAN Controller and Manager are under active exploitation by multiple threat clus...
Fake job interviews used to deploy JobStealer malware
The campaign involves scammers posing as recruiters and inviting victims to online interviews via custom platforms that mimic legitimate services like Cisco ...
Cisco warns of new critical SD-WAN flaw exploited in zero-day attacks
Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks...
U.S. CISA adds a flaw in Cisco Catalyst SD-WAN to its Known Exploited Vulnerabilities catalog
The U.S.
Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access
Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited ...
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fixed after the Cisco Catalyst SD-WAN C...
Cisco Catalyst SD-WAN Manager Vulnerabilities
Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow a remote attacker to gain access to sensitive information, el...
CVE-2026-20182: Critical authentication bypass in Cisco Catalyst SD-WAN Controller (FIXED)
Overview While researching a critical authentication bypass vulnerability, CVE-2026-20127, which was exploited in-the-wild, Rapid7 Labs discovered a new auth...
Cisco Crosswork Network Controller and Cisco Network Services Orchestrator Advisory
Following the initial publication of the Security Advisory about a denial of service (DoS) condition in Cisco Crosswork Network Controller and Cisco Network ...
CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation. CVE-2026-20182 Cisco Cat...
Gentlemen RaaS Exploits Fortinet and Cisco Edge Devices for Initial Access
The Gentlemen ransomware-as-a-service (RaaS) operation is turning exposed Fortinet and Cisco edge devices into a fast lane into enterprise networks and doing...
Attackers Could Exploit AI Vision Models Using Imperceptible Image Changes
Cisco’s AI security researchers have analyzed ways to target vision-language models (VLMs) using pixel-level perturbation. The post Attackers Could Exploit A...
Cisco Network Flaw Exposes Devices to Remote Denial-of-Service Exploits
Cisco has issued a high-severity security advisory detailing a critical connection exhaustion vulnerability affecting its network management software. Tracke...
New Cisco DoS flaw requires manual reboot to revive devices
Cisco patched a Crosswork Network Controller and Network Services Orchestrator denial-of-service vulnerability that requires manually rebooting targeted syst...
Cisco Unity Connection Remote Code Execution and Server-Side Request Forgery Vulnerabilities
Multiple vulnerabilities in Cisco Unity Connection could allow a remote attacker to execute arbitrary code on or conduct server-side request forgery (SSRF) a...
Cisco Enterprise Chat and Email Lite Agent File Upload Vulnerability
A vulnerability in the Lite Agent feature of Cisco Enterprise Chat and Email (ECE) could allow an authenticated, remote attacker to conduct browser-based att...
Cisco Identity Services Engine Authentication Bypass Vulnerabilities
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow a remote attacker to bypass authorization mechanisms or examine error messages t...
Cisco Prime Infrastructure Information Disclosure Vulnerability
A vulnerability in the log file download functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to download arbitrary log ...