Cisco and Five Eyes agencies are alerting organizations to a highly sophisticated attack, where threat actors compromise a Cisco SD-WAN controller via a zero-day flaw, downgrade the device to an earlier software version that is vulnerable to an older bug, before gaining root access and restoring the device to its original version.
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2026/02/attackers-have-been-exploiting-cisco-sd-wan-zero-day-flaw-since-2023/
