Daily CyberSecurity (securityonline.info) ·EN-US News source Exploited in the wildCisco Catalyst SD-WAN Manager
Cisco SD-WAN Zero-Day Exploited in Attacks
CVE Tools coverage
An unnamed threat actor exploited a Cisco SD-WAN zero-day against service provider infrastructure, with Mandiant reporting evidence of compromise. The attackers targeted Cisco Catalyst SD-WAN Manager and used a malicious CSV upload path to trigger CVE-2026-20245, ultimately escalating to root-level control and conducting anti-forensic actions. Organizations running affected Cisco SD-WAN components should upgrade to the fixed releases listed by the vendor to eliminate CVE-2026-20245 risk and reduce further intrusion likelihood.