"Cisco Catalyst SD-WAN Controller Auth Bypass Actively Exploited to Gain Admin Access"

Cisco has released updates to address a maximum-severity authentication bypass flaw in Catalyst SD-WAN Controller that it said has been exploited in limited attacks. The vulnerability, tracked as CVE-2026-20182, carries a CVSS score of 10.0. "A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly 출처: [The Hacker News](https://thehackernews.com/2026/05/cisco-catalyst-sd-wan-controller-auth.html)