Cisco has revealed another Catalyst SD-WAN Manager vulnerability (CVE-2026-20262) that its Product Security Incident Response Team observed being exploited by attackers. But the associated security advisory also states that “the vulnerability was found during internal security testing”, raising the question of how attackers came to exploit it before Cisco had disclosed it publicly. The vulnerability (CVE-2026-20262) Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) is the management plane for the entire Cisco SD-WAN fabric. CVE-2026-20262 is … More

The post Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262) appeared first on Help Net Security.