Bright Nexus

Published on June 16, 2026

[CVE-2026-20262] Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw

Severity
Medium

Detail

Cisco has released security updates to address an actively exploited vulnerability affecting Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage). The vulnerability, tracked as CVE-2026-20262, has a CVSS score of 6.5 (Medium Severity) and may allow an authenticated remote attacker to create or overwrite files on the underlying operating system of an affected device.

Cisco stated that an attacker could exploit the vulnerability by sending crafted HTTP requests to an affected API endpoint. Successful exploitation could allow the attacker to create or overwrite files on the underlying operating system.

The vulnerability could potentially be leveraged to obtain root privileges. However, successful exploitation requires the attacker to already possess valid credentials with at least write access.

Affected Products

The vulnerability impacts the following products regardless of the deployment type: –

  • Cisco Catalyst SD-WAN Manager On-Prem
  • Cisco SD-WAN Cloud-Pro
  • Cisco SD-WAN Cloud (Cisco Managed)
  • Cisco SD-WAN for Government (FedRAMP)

Recommendation

To fully address the vulnerability and prevent future exposure associated with CVE-2026-20262, Cisco strongly recommends that affected customers upgrade to a software release that includes the security fix.

Cisco noted that the fixed release information published in the advisory was accurate at the time of publication. Customers are advised to refer to the advisory and the associated bug ID details for the most complete and up-to-date information regarding affected releases and available fixes.

Patches have been released to address the issue as per below: –

  • Cisco Catalyst SD-WAN Release 20.9.9.1 and earlier – Fixed in 20.9.9.2
  • Cisco Catalyst SD-WAN Release 20.12.7.1 and earlier – Fixed in 20.12.7.2
  • Cisco Catalyst SD-WAN Release 20.15.4.4 and earlier – Fixed in 20.15.4.5
  • Cisco Catalyst SD-WAN Release 20.15.5.2 and earlier – Fixed in 20.15.5.3
  • Cisco Catalyst SD-WAN Release 20.18.3 – Fixed in 20.18.3.1
  • Cisco Catalyst SD-WAN Release 26.1.1.1 and earlier – Fixed in 26.1.1.2

Source
https://thehackernews.com/2026/06/cisco-releases-security-updates-for.html
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-arbfw-c2rZvQ
https://www.helpnetsecurity.com/2026/06/16/cisco-sd-wan-cve-2026-20262-exploited/