Reports
AI-generated structured vendor updates
Google
Other
2026-06-24
Mandiant Reveals Cisco SD-WAN Manager Zero-Day: Control Plane Becomes Prime Target
Mandiant identified a zero-day (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager exploited via malicious CSV upload to escalate to root. The intrusion involved rogue peering, credential manipulation, and anti-forensic cleanup. This highlights SD-WAN centralized control planes as a new attack surface for advanced threats.
Cisco
Other
2026-05-16
Cisco AI Orders Surge to $9B, but SD-WAN Zero-Day for Third Year Reveals Systemic Security Gap
Cisco Q3 FY2026 raises AI infra order target to $9B, yet a CVSS 10.0 authentication bypass zero-day in SD-WAN Controller (CVE-2026-20182) is exploited by the same APT for the third consecutive year. This reveals a systemic gap in Cisco's security engineering as it pivots to AI, and a fundamental flaw in SD-WAN control plane architecture.