Cisco Warns of More Catalyst SD-WAN Flaws Exploited in the Wild – Cyber Tech
Cisco is warning customers that two recently patched Catalyst SD-WAN vulnerabilities are being exploited in the wild.
The networking giant informed customers on February 25 about the availability of patches for five Catalyst SD-WAN flaws, including critical and high-severity issues that can be exploited to access vulnerable systems and elevate privileges to root.
Cisco updated its advisory on March 5 to warn that it has become aware of active exploitation of two of the five vulnerabilities: CVE-2026-20128 and CVE-2026-20122.
CVE-2026-20128 is an information disclosure issue affecting the Data Collection Agent (DCA) feature of Catalyst SD-WAN Manager, allowing an authenticated, local attacker to gain DCA user privileges on the targeted system.
CVE-2026-20122 is an arbitrary file overwrite bug affecting the API of Catalyst SD-WAN Manager. It allows a remote, authenticated attacker to overwrite arbitrary files on the system and gain elevated privileges.
Cisco has not shared any details on the attacks exploiting these vulnerabilities, but its description indicates they have been chained with other flaws.
The company's announcement comes roughly a week after it warned customers that a critical zero-day vulnerability affecting Catalyst SD-WAN has been exploited in the wild.
Tracked as CVE-2026-20127, that security hole can be exploited remotely to bypass authentication and obtain admin privileges on a vulnerable device.
CISA and other cybersecurity agencies reported that CVE-2026-20127 has been chained with an older Catalyst vulnerability, CVE-2022-20775, to bypass authentication, escalate privileges, and establish persistence on the targeted system.
Cisco Talos linked these attacks to UAT-8616, a highly sophisticated threat actor that has been active since at least 2023.
It's unclear if all of these Catalyst SD-WAN vulnerabilities have been exploited in the same or different campaigns.
Cisco also warned recently about zero-day attacks carried out by a China-linked APT tracked as UAT-9686.
