Cisco warns of unpatched SD-WAN zero-day exploited in attacks

Friday, June 5, 2026 at 06:24 AM UTC·Source: BleepingComputer

Updated: Friday, June 5, 2026 at 07:01 AM UTC

Executive Summary

On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively exploited in attacks enabling root privilege escalation. [...]

Analysis

Indicators of Compromise (1)

CVE (1)

CVE-2026-20245

NVD MITRE CVE

Source Attribution

Originally published by BleepingComputer on Jun 5, 2026.

Related Threats

CRITICALZero Day

June Patch Tuesday marks a ‘new normal’ with over 200 CVEs, 32 rated ‘critical’

June’s Patch Tuesday security updates have arrived, with SAP fixing four critical vulnerabilities and Microsoft addressing over 200 CVEs. Microsoft’s to-do list includes fixes for three zero days, 32 patches rated as ‘critical’, and a batch of other high-risk vulnerabilities that need urgent assessment. There’s also one older flaw under exploit, and some patches affecting enterprise products for w

CVE-2026-45586CVE-2026-50507

1h agoCSO Online

LOWVulnerability

CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation. The list of vulnerabilities is as follows - CVE-2026-20245 (CVSS score: 7.8) - An improper encoding or escaping of output vulnerability in Cisco Catalyst SD-WAN Manager that could allow an

CVE-2026-20245

2h agoThe Hacker News

CRITICALZero Day

Microsoft patches Exchange Server zero-day exploited in attacks

Microsoft has patched an actively exploited Exchange Server vulnerability that allows threat actors to execute arbitrary JavaScript code in cross-site scripting (XSS) attacks targeting Outlook Web Access users. [...]

3h agoBleepingComputer