CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits — Ravie LakshmananMay 15, 2026Vulnerability / Credential Theft [https://blogger.goo

What’s new: CISA has added CVE-2026-20182, a critical authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller, to its Known Exploited Vulnerabilities (KEV) catalog. This vulnerability allows unauthenticated remote attackers to gain administrative access. It has a CVSS score of 10.0, indicating maximum severity. Federal agencies are required to remediate this issue by May 17, 2026.

Who’s affected

Organizations using Cisco Catalyst SD-WAN Controller and Manager are at risk, particularly those within the Federal Civilian Executive Branch (FCEB) that must comply with CISA’s remediation deadline.

What to do

Immediately assess your environment for the presence of Cisco Catalyst SD-WAN Controller and Manager.
Apply patches or mitigations as recommended by Cisco to address CVE-2026-20182.
Monitor for signs of exploitation, including unauthorized access attempts and modifications to configurations.

Sources

The Hacker News

CISA Adds Cisco SD-WAN CVE-2026-20182 to KEV After Admin Access Exploits

Who’s affected

What to do

Sources

Related Posts:

“NSAuditor AI EE 0.6.6 Launches BFS Graph-Walk to Mitigate AWS Security Group Vulnerabilities”

“NSAuditor AI EE 0.6.6 Launches with Advanced Security Features to Combat Multi-Hop Threats”

NSAuditor AI EE 0.6.5: sessionToken Sweep + Dead-Target Liveness Probes Close Two Real-World Audit Gaps

“NSAuditor AI EE 0.6.6 Launches BFS Graph-Walk to Mitigate AWS Security Group Vulnerabilities”