anonhaven
Ad

CVE-2026-20127

CRITICAL CVSS 3.1: 10.0 EPSS 0.86% ACTIVE EXPLOIT
Updated Feb 26, 2026
Cisco

CISA Known Exploited Vulnerability (KEV)

This vulnerability is actively exploited in the wild. Immediate patching is strongly recommended.

Due Date: Feb 27, 2026

Parameter Value
CVSS 10.0 (CRITICAL)
Affected Versions 20.11 — 20.9.8.2
Fixed In 20.9.8.2
Type CWE-287 (Improper Authentication)
Vendor Cisco
Public PoC Yes

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system.

A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric. 

Attack Parameters

Attack Vector
Network
Can be exploited remotely
Attack Complexity
Low
Easy to exploit
Privileges Required
None
No privileges needed
User Interaction
None
No user interaction needed

Impact Assessment

Confidentiality
High
Complete data leak
Integrity
High
Complete data modification
Availability
High
Complete denial of service

CVSS Vector v3.1

Weakness Type (CWE)

CWE-287 Improper Authentication

Vulnerable Products 10

Configuration From (including) Up to (excluding)
Cisco Catalyst_Sd-Wan_Manager
cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*
 20.9.8.2
Cisco Catalyst_Sd-Wan_Manager
cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*
 20.11 20.12.5.3
Cisco Catalyst_Sd-Wan_Manager
cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*
 20.13 20.15.4.2
Cisco Catalyst_Sd-Wan_Manager
cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*
 20.16 20.18.2.1
Cisco Catalyst_Sd-Wan_Manager
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.6:*:*:*:*:*:*:*
Cisco Sd-Wan_Vsmart_Controller
cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*
 20.9.8.2
Cisco Sd-Wan_Vsmart_Controller
cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*
 20.11 20.12.5.3
Cisco Sd-Wan_Vsmart_Controller
cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*
 20.13 20.15.4.2
Cisco Sd-Wan_Vsmart_Controller
cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*
 20.16 20.18.2.1
Cisco Sd-Wan_Vsmart_Controller
cpe:2.3:a:cisco:sd-wan_vsmart_controller:20.12.6:*:*:*:*:*:*:*

References 2

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/c…
psirt@cisco.com
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026…
134c704f-9b21-4f2e-91b3-4a467353bcc0
Share Post Share Share Share

Related Vulnerabilities

CVE-2026-20131

Cisco

10.0

CVE-2026-20128

Cisco

7.5

CVE-2025-20393

Cisco

10.0

CVE-2025-20353

Cisco

6.1

CVE-2025-20349

Cisco

6.3