CVE Tools
Back to feed
The Hacker News ·EN News source Exploited in the wild UAT-8616Catalyst SD-WAN ManagervManageSD-WAN vManage

Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw

By The Hacker News··3 min read
CVE Tools coverage

Cisco has released security updates for CVE-2026-20262, a medium-severity vulnerability in the web UI of Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) that is being actively exploited in the wild. The issue can let an authenticated remote attacker abuse a file upload path-handling weakness to create or overwrite files on the device’s filesystem, which may be leveraged toward higher privileges depending on attacker access. The fix is available across multiple Cisco Catalyst SD-WAN releases, including Cisco Catalyst SD-WAN Release 20.9.9.2, 20.12.7.2, 20.15.4.5, 20.15.5.3, 20.18.3.1, and 26.1.1.2, covering Cisco Catalyst SD-WAN Manager On-Prem, Cisco SD-WAN Cloud-Pro, Cisco SD-WAN Cloud (Cisco Managed), and Cisco SD-WAN for Government (FedRAMP).