Medium severity6.5CISA KEVNVD Advisory· Published Feb 25, 2026· Updated Apr 22, 2026
CVE-2026-20133
CVE-2026-20133
Description
A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read sensitive information on the underlying operating system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*range: <20.9.8.2
- cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.6:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
2- sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4vnvdVendor Advisory
- www.cisa.gov/known-exploited-vulnerabilities-catalognvdUS Government Resource
News mentions
15- Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262)Help Net Security · Jun 16, 2026
- Cisco Patches Another SD-WAN Zero-Day Exploited in AttacksSecurityWeek · Jun 16, 2026
- Cisco Releases Security Updates for Actively Exploited SD-WAN Manager FlawThe Hacker News · Jun 16, 2026
- Cisco fixes SD-WAN vManage flaw exploited in zero-day attacksBleepingComputer · Jun 15, 2026
- Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch AvailableThe Hacker News · Jun 6, 2026
- Yet another Cisco SD-WAN 0-day under attack, and no patch in sightThe Register Security · Jun 5, 2026
- Cisco warns of unpatched SD-WAN zero-day exploited in attacksBleepingComputer · Jun 5, 2026
- Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026SecurityWeek · Jun 5, 2026
- New Cisco SD-WAN Zero-Day Grants Admin AccessGovInfoSecurity · May 19, 2026
- Cisco zero-day under ongoing attack by persistent threat groupCyberScoop · May 15, 2026
- Cisco patches another actively exploited SD-WAN zero-day (CVE-2026-20182)Help Net Security · May 15, 2026
- Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026SecurityWeek · May 15, 2026
- CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access ExploitsThe Hacker News · May 15, 2026
- Frequently asked questions about the continued exploitation of Cisco Catalyst SD-WAN vulnerabilities (CVE-2026-20182)Tenable Blog · May 15, 2026
- Ongoing exploitation of Cisco Catalyst SD-WAN vulnerabilitiesCisco Talos Intelligence · May 14, 2026