Cisco has released a patch for a critical zero-day vulnerability, CVE-2026-20182, affecting its Catalyst SD-WAN Controller and Manager, which could allow unauthenticated remote attackers to bypass authentication and gain admin privileges. The vulnerability, discovered by researchers at Rapid7, has a severity score of 10.0, indicating a high level of risk. Cisco has made fixes available for all deployment types, and administrators are advised to apply the patch as soon as possible. The bug is considered particularly dangerous as it requires no authentication to exploit, making it a prime target for malicious actors1. This vulnerability is currently being discussed by Cisco, and its exploitation status will determine whether it's a patch-now or monitor situation. The fact that a patch is already available makes it crucial for practitioners to prioritize this update to prevent potential attacks, as exploiting this vulnerability could have severe consequences for network security.
Patch time for Cisco SD-WAN admins as vendor drops yet another make-me-admin zero-day
⚠️ Critical Alert
Why This Matters
CVE-2026-20182 is in active discussion involving Cisco — exploitation status determines whether this is patch-now or monitor.
References
- The Register. (2026, May 15). Patch time for Cisco SD-WAN admins as vendor drops yet another make-me-admin zero-day. *The Register*. https://www.theregister.com/patches/2026/05/15/cisco-discloses-yet-another-sd-wan-make-me-admin-0-day/5241071
Original Source
The Register
Read original →