Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Root Access

Cisco disclosed CVE-2026-20127, a critical zero-day vulnerability in Catalyst SD-WAN Controller and Manager, on February 25, 2026. Attackers exploited it since at least 2023 to bypass authentication and gain high-privileged access. Urgent patching is essential as exploitation continues in limited attacks. Vulnerability Details This flaw affects the peering authentication mechanism in Cisco Catalyst SD-WAN Controller […] The post Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Root Access appeared first on VPN Central.