Medium severity6.5CISA KEVNVD Advisory· Published Feb 25, 2026· Updated Apr 22, 2026

CVE-2026-20133

Description

A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read sensitive information on the underlying operating system.

Affected products

Cisco Systems, Inc./Catalyst Sd Wan Manager2 versions
cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*range: <20.9.8.2
- cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.6:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4vnvdVendor Advisory
www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource

News mentions

Frequently asked questions about the continued exploitation of Cisco Catalyst SD-WAN vulnerabilities (CVE-2026-20182)
Tenable Blog · May 15, 2026
Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilities
Cisco Talos Intelligence · May 14, 2026

cvss	0.423
epss	0.001
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.000