A critical authentication bypass flaw, CVE-2026-20182, in Cisco Catalyst SD-WAN Controllers is already being actively exploited. Assigned a maximum severity score of 10, this vulnerability allows attackers to bypass login checks and obtain administrative access. Although Cisco released patches and an advisory on Thursday, the Cybersecurity and Infrastructure Security Agency (CISA) has immediately added the issue to its Known Exploited Vulnerabilities catalog due to the urgent threat. Organizations running affected systems should apply updates immediately to prevent unauthorized control of their infrastructure.
