Attackers exploit critical flaw in Cisco Catalyst SD-WAN Controller
Researchers discovered the authentication bypass vulnerability while investigating a prior issue in the same service.
Published May 15, 2026
David Jones
Reporter
A Cisco office in San Jose, California on April 11, 2025. Researchers warn that hackers are targeting a critical vulnerability in Cisco Catalyst SD-WAN Controller. Getty Images
A critical vulnerability in Cisco Catalyst SD-WAN Controller is facing active exploitation almost immediately after security researchers publicly disclosed the flaw.
The vulnerability, tracked as CVE-2026-20182, is an authentication bypass with a severity score of 10, the highest possible rating. The flaw could allow an attacker to circumvent authentication procedures and gain administrative privileges on an affected server.
Cisco on Thursday released an advisory for the newly discovered vulnerability and issued security updates to address the flaw, and the Cybersecurity and Infrastructure Security Agency added the CVE to its Known Exploited Vulnerabilities catalog.
Cisco Talos, the threat intelligence arm of Cisco, said exploitation activity has so far been limited and that it is clustering the activity under an actor tracked as UAT-8616. Talos warned that the attacker had been involved in exploitation of another recently disclosed vulnerability, designated CVE-2026-20127.
Researchers at Rapid7 discovered the latest vulnerability in Cisco Catalyst SD-WAN Controller while investigating CVE-2026-20127, which was being exploited by the same hackers. This latest vulnerability affects the “vdaemon” service over DTLS, which Rapid7 said is the same service that contained the earlier flaw.
Rapid7 cautioned, however, that the newly discovered vulnerability is not a patch bypass of CVE-2026-20127, but a different issue that is located in the same part of the daemon networking stack.
Filed Under: Vulnerability, Threats