{"id":268529,"date":"2026-06-09T10:07:00","date_gmt":"2026-06-09T14:07:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/09\/cisco-customers-encounter-another-sd-wan-zero-day-under-attack\/"},"modified":"2026-06-09T13:31:33","modified_gmt":"2026-06-09T17:31:33","slug":"cisco-customers-encounter-another-sd-wan-zero-day-under-attack","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/09\/cisco-customers-encounter-another-sd-wan-zero-day-under-attack\/","title":{"rendered":"Cisco customers encounter another SD-WAN zero-day under attack"},"content":{"rendered":"<p><a href=\"https:\/\/cyberscoop.com\/cisco-sdwan-zero-day-vulnerability-exploited-cve202620245\/\">Cisco customers encounter another SD-WAN zero-day under attack<\/a><\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/cisco-sdwan-zero-day-vulnerability-exploited-cve202620245\/\">https:\/\/cyberscoop.com\/cisco-sdwan-zero-day-vulnerability-exploited-cve202620245\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-09 10:07:00<\/a><\/p>\n<p>Source Domain: <a href=\"cyberscoop.com\">cyberscoop.com<\/a><\/p>\n<p>Cisco customers are confronting yet another actively exploited zero-day vulnerability affecting the vendor\u2019s SD-WAN management software, reinforcing pressure on organizations that have experienced rare breaks from active threats this year.<\/p>\n<p>The vulnerability \u2014 CVE-2026-20245 \u2014 marks the seventh actively exploited zero-day in Cisco SD-WANs this year.<\/p>\n<p>Cisco said it first became aware of active exploitation of the latest defect in the network management software earlier this month. The company disclosed the vulnerability, which was first spotted by Mandiant, on Thursday and warned that a security patch is not yet available and there are no workarounds to mitigate the defect in the meantime.<\/p>\n<p>\u201cA patch for this vulnerability will be provided on a future date,\u201d a company spokesperson said in a statement.\u00a0<\/p>\n<p>Cisco did not attribute the attacks to any specific group, describe the objectives of those attacks or share how many organizations have already been impacted.<\/p>\n<p>The validation error defect affecting the Cisco Catalyst SD-WAN Manager allows authenticated or local attackers to execute commands as root, resulting in command-injection attacks on an affected system, the company said.<\/p>\n<p>Yet, the scope of potential impact may be limited because exploitation requires valid credentials or privileged access through other means. Cisco said exploitation of a pair of zero-days it disclosed earlier this year \u2014\u00a0 CVE-2026-20182 or CVE-2026-20127 \u2014 could allow attackers the access required to exploit the new vulnerability.\u00a0<\/p>\n<p>The company said it is \u201cnot aware of successful exploitation by other means,\u201d adding that it \u201cobserved limited cases where the exploitation of this bug resulted in a configuration change pushed to edge devices.\u201d<\/p>\n<p>Landon Rice, senior exploit developer at VulnCheck, said the need for existing privileges \u201cmakes an attacker heavily reliant on previous vulnerabilities, or a net-new initial access vector, in order&#8230;<\/p>\n<p><a href=\"https:\/\/cyberscoop.com\/cisco-sdwan-zero-day-vulnerability-exploited-cve202620245\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cisco customers encounter another SD-WAN zero-day under attack https:\/\/cyberscoop.com\/cisco-sdwan-zero-day-vulnerability-exploited-cve202620245\/ Publish Date: 2026-06-09 10:07:00 Source Domain:&#8230;<\/p>\n","protected":false},"author":1,"featured_media":268530,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/cyberscoop.com\/wp-content\/uploads\/sites\/3\/2023\/10\/GettyImages-1127349614.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[31,27],"class_list":["post-268529","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-exploit","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/268529"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=268529"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/268529\/revisions"}],"predecessor-version":[{"id":268531,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/268529\/revisions\/268531"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/268530"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=268529"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=268529"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=268529"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}