Tag

Cve 2026 20127

All articles tagged with #cve 2026 20127

security3 hours ago•3 min saved

CISA Warns of Active Cisco SD-WAN Exploitation, Orders Immediate Remediation Across Agencies

CISA and international partners issued an alert about ongoing exploitation of Cisco SD-WAN vulnerabilities (CVE-2026-20127 and CVE-2022-20775), adding the first to the KEV catalog, and mandated federal agencies under Emergency Directive 26-03 to inventory, patch, collect artifacts, and hunt for evidence of compromise, while Cisco and partner agencies publish hardening and threat-hunting guidance.

via CISA (.gov)|

#cisa #cve-2022-20775 #cve-2026-20127

technology3 hours ago•6 min saved

Cisco SD-WAN auth flaw fuels years-long zero-day campaigns, urgent patch urged

Cisco warns of a critical authentication-bypass vulnerability in Catalyst SD-WAN (CVE-2026-20127) that attackers actively exploited since 2023 to log in as a high-privilege user, insert rogue peers, and potentially gain root access. Government advisories (CISA and UK NCSC) issued urgent directives; Cisco released updates but says no workaround fully mitigates the issue. Organizations should harden exposed interfaces, review logs for anomalous peering, and patch promptly.

via BleepingComputer|

#cisco #cve-2026-20127 #cybersecurity