Cisco warns of actively exploited security vulnerability

Cisco has announced a serious security vulnerability in its Catalyst SD-WAN Manager that is currently being actively exploited. The vulnerability, identified as CVE-2026-20245, has a CVSS score of 7.8 on a scale of 10.0. This high rating indicates a significant risk to affected systems.

The security vulnerability affects several deployment types, including the On-Prem Deployment version, Cisco SD-WAN Cloud-Pro, Cisco SD-WAN Cloud (Cisco Managed), and Cisco SD-WAN for Government Applications (FedRAMP). Companies using these systems are particularly at risk, as the vulnerability is actively being exploited by attackers.

Cisco has not yet provided a patch to address the security vulnerability. This means that affected companies and organizations currently have no way to close the vulnerability, increasing the urgency to implement appropriate security measures. The situation requires swift action to minimize potential damage.

Details of the Vulnerability

The exact nature of the vulnerability has not been detailed by Cisco; however, it is known that it can have significant implications for the security of the affected systems. Attackers could potentially gain unauthorized access to sensitive data or take control of the affected systems. This could lead to data loss or corruption.

The affected products are widely used in many companies and organizations, increasing the reach of potential attacks. In particular, the use of Cisco SD-WAN in government applications underscores the importance of security precautions, as especially sensitive data is processed here.

The security alert from Cisco comes at a time when cyberattacks on companies and institutions worldwide are increasing. The threat posed by such vulnerabilities has significantly risen in recent years, highlighting the need to regularly review and update security protocols and measures.

Recommended Actions for Companies

Although Cisco does not provide a patch, the company recommends that affected users take immediate action to protect their systems. This includes reviewing network security and implementing additional security measures to fend off potential attacks. Companies should also adjust their security policies to respond to the current threat landscape.

The situation highlights the challenges companies face in the field of cybersecurity. Given the active exploitation of the vulnerability, it is crucial for companies to remain vigilant and continuously adapt their security strategies. The threat of cybercrime requires a proactive approach to security.

The vulnerability CVE-2026-20245 is another example of the complexity of the modern IT security landscape. Companies must be aware of the risks and take appropriate measures to protect their systems. Cisco will continue to inform users about developments regarding this vulnerability.