Source: Ministry of education information & communication security contingency platform
"" "" ""
| Publication Number | TACERT-ANA-2026051809053535 | Publication Time | 2026-05-18 09:28:36 |
| Incident Type | ANA-Vulnerability Alert | Discovery Time | 2026-05-18 09:28:36 |
| Impact Level | Low | ||
| [Subject] 【Vulnerability Alert】Cisco Catalyst SD-WAN Has a Critical Information Security Vulnerability (CVE-2026-20182) |
|||
| [Content]
Forwarded from TWCERTCC Information Security Alert TWCERTCC-200-202605-00000011 Cisco Catalyst SD-WAN is Cisco’s cloud-centric software-defined wide area network architecture. It provides centralized management, secure encryption, and application performance optimization to ensure reliable connectivity in multi-cloud environments. Cisco recently released a critical information security advisory. 【CVE-2026-20182, CVSS: 10.0】This vulnerability exists in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage). It allows remote attackers to send specially crafted requests to bypass authentication and obtain an internal high-privilege account (non-root). Attackers may subsequently use the high-privilege account to access NETCONF, modify the SD-WAN network architecture configuration, create malicious network nodes, and further attack enterprise/organization networks. Note: Cisco Catalyst SD-WAN Controller (formerly vSmart) and Cisco Catalyst SD-WAN Manager (formerly vManage) have been found to be actively exploited in attack activities. Please take response measures as soon as possible. Information sharing level: WHITE (the intelligence content is information that can be publicly disclosed) |
|||
| [Affected Platform]
Cisco Catalyst SD-WAN On-Prem Deployment Cisco SD-WAN Cloud-Pro Cisco SD-WAN Cloud (Cisco Managed) Cisco SD-WAN for Government (FedRAMP) |
|||
| [Recommended Actions]
Apply patches according to the solution released on the official website: |
|||
|
[Reference] |
|||