Tag: cisco
-
CVE-2026-20262: CISCO Catalyst SD-WAN Flaw Under Active Targeted Exploitation
Cisco warned that CVE-2026-20262, a Catalyst SD-WAN Manager vulnerability allowing arbitrary file writes, is being actively exploited. Cisco confirmed active exploitation of CVE-2026-20262, an arbitrary file write vulnerability affecting Catalyst SD-WAN Manager. CVE-2026-20262 (CVSS score of 6.5) is an arbitrary file write vulnerability in the web interface of Cisco Catalyst SD-WAN Manager. The flaw is…
-
Cisco discloses second exploited SD-WAN vulnerability in two weeks (CVE-2026-20262)
Cisco has revealed another Catalyst SD-WAN Manager vulnerability (CVE-2026-20262) that its Product Security Incident Response Team observed being exploited by attackers. But … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/16/cisco-sd-wan-cve-2026-20262-exploited/
-
U.S. CISA adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)added Cisco Catalyst and LiteSpeed cPanel plugin flaws to its Known Exploited Vulnerabilities (KEV) catalog. The two flaws added to the catalog are: CVE-2026-20262 is an arbitrary…
-
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild.The vulnerability, tracked as CVE-2026-20262, carries a CVSS score of 6.5 out of 10.0.”A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker…
-
Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks
Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-fixes-sd-wan-vmanage-flaw-exploited-in-zero-day-attacks/
-
Cisco agentic AI security push faces enterprise trust gap
Cisco officials urged customers to “meet the Mythos moment” with new agentic defenses, but businesses’ mistrust of AI cuts both ways. First seen on techtarget.com Jump to article: www.techtarget.com/searchitoperations/news/366643790/Cisco-agentic-AI-security-push-faces-enterprise-trust-gap
-
Cisco customers encounter another SD-WAN zero-day under attack
The defect marks the seventh actively exploited zero-day in Cisco SD-WANs this year, and the vendor has yet to release a patch. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisco-sdwan-zero-day-vulnerability-exploited-cve202620245/
-
CVE-2026-20223 mit CVSS 10.0 in Cisco Secure Workload – Fehlende API-Authentifizierung gibt Angreifern Site-Admin-Rechte
First seen on security-insider.de Jump to article: www.security-insider.de/cve-2026-20223-cisco-secure-workload-cvss-10-api-site-admin-a-a6ef0186275a7d18e93bdd54e92ba67a/
-
Week in review: Cisco SD-WAN 0-day exploited, Patch Tuesday forecast
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: OWASP Agent Memory Guard: Stop AI agents from being weaponized through their … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/07/week-in-review-cisco-sd-wan-0-day-exploited-june-2026-patch-tuesday-forecast/
-
Cisco Warns Agentic AI Will Put New Pressure on Enterprise Networks
Cisco executives said agentic AI could triple network traffic, creating new infrastructure and security demands for enterprises. The post Cisco Warns Agentic AI Will Put New Pressure on Enterprise Networks appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisco-ai-networking-bottleneck/
-
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited No Patch Available
Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has come under active exploitation.The vulnerability, tracked as CVE-2026-20245, carries a CVSS score of 7.8 out of a maximum of 10.0. It affects the following deployment types – On-Prem Deployment Cisco SD-WAN Cloud-Pro Cisco SD-WAN Cloud (Cisco Managed) Cisco SD-WAN for Government (FedRAMP)”A…
-
Another Cisco Catalyst SD-WAN Manager bug actively exploited
First seen on scworld.com Jump to article: www.scworld.com/news/another-cisco-catalyst-sd-wan-manager-bug-actively-exploited
-
NetApp and Cisco expand FlexPod for enterprise AI infrastructure
First seen on scworld.com Jump to article: www.scworld.com/brief/netapp-and-cisco-expand-flexpod-for-enterprise-ai-infrastructure
-
Cisco warns zero-day flaw in SD-WAN is being exploited
The company cautioned that no current patches are available and the flaw could allow an attacker to conduct command injection attacks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-zero-day-flaw-sd-wan-exploited/822138/
-
Cisco SD-WAN Has a New Root-Level Problem, and There’s No Fix Yet
Cisco warns of CVE-2026-20245 in SD-WAN Manager, a flaw that can lead to root access via file upload command injection; no patch or workaround yet. Cisco warns of a privilege escalation flaw, tracked as CVE-2026-20245 (CVSS base score of 7.8), in Cisco Catalyst SD-WAN Manager, the platform formerly known as SD-WAN vManage. An authenticated local…
-
Cisco SD-WAN 0-day exploited, no patch available (CVE-2026-20245)
A 0-day privilege escalation vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager that has yet to be patched by Cisco is being leveraged by attackers. >>To … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/05/cisco-sd-wan-cve-2026-20245-0-day-exploited/
-
Cisco warns of unpatched SD-WAN zero-day exploited in attacks
On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively exploited in attacks enabling root privilege escalation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-cisco-sd-wan-flaw-exploited-in-zero-day-attacks-to-gain-root/
-
Cisco SD-WAN Security Flaw Actively Exploited for Root-Level Command Execution
Cisco has disclosed a high-severity vulnerability in its Catalyst SD-WAN Manager that is actively being exploited in the wild, allowing attackers to execute arbitrary commands with root-level privileges on affected systems. The vulnerability, tracked as CVE-2026-20245, carries a CVSS score of 7.8 and is caused by improper input validation (CWE-116) within the command-line interface of…
-
Reporting from Vegas: Networking, AI, and good boys
Joe’s on-the-ground report from Cisco Live U.S. is here, complete with therapy dog pictures and tips on handling conference overstimulation. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/reporting-from-vegas-networking-ai-and-good-boys/
-
Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root.It is tracked as CVE-2026-20230, and proof-of-concept exploit code is already public. Cisco’s PSIRT says it has not seen the flaw used in attacks yet. The PoC shortens…
-
Critical Cisco Unified CM Bug Patched as Public Exploit Code Emerges
Cisco patched a critical Unified CM flaw with public PoC code that allows unauthenticated attackers to launch SSRF attacks remotely. Cisco has addressed a high-severity vulnerability, tracked as CVE-2026-20230, affecting Unified CM and Unified CM SME. The flaw, caused by improper validation of certain HTTP requests, allows a remote attacker without authentication to perform server-side…
-
Hypotheses, telemetry, and human judgment: Inside Cisco Talos Threat Hunting
Learn how Cisco Talos Threat Hunting uses hypothesis-driven methods and multi-domain telemetry correlation to find stealthy threats operating below automated detection thresholds. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/hypotheses-telemetry-and-human-judgment-inside-cisco-talos-threat-hunting/
-
Cisco warns of critical Unified CM flaw with PoC exploit code
Cisco has released security updates to patch a critical-severity Unified Communications Manager (Unified CM) flaw that allows attackers to gain root privileges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-warns-of-critical-unified-cm-flaw-with-poc-exploit-code/
-
PoC Exploit Released for Cisco Unified Communications Manager Security Vulnerability
A proof-of-concept (PoC) exploit has been released for a critical server-side request forgery (SSRF) vulnerability impacting Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (Unified CM SME), increasing the likelihood of active exploitation in enterprise environments. Cisco Unified Manager Security Vulnerability Tracked as CVE-2026-20230 and detailed in Cisco advisory cisco-sa-cucm-ssrf-cXPnHcW, the…
-
ClawHub, Cisco, and Vercel Skill Detection Tools Evaded by Malicious Uploads
Security researchers have shown that AI skill security scanners from ClawHub, Cisco, and Vercel’s skills.sh can be reliably bypassed using simple techniques, raising serious concerns about agentic AI supply chain defenses. In tests conducted by Trail of Bits, multiple malicious skills designed to exfiltrate data, hijack agents, or execute arbitrary code were successfully uploaded and…
-
Cisco Live 2026: New Security Tools Target AI Threats
Cisco unveiled Cloud Control, Live Protect, and Hybrid Mesh Firewall at Cisco Live to help enterprises manage AI-era IT and security operations. The post Cisco Live 2026: New Security Tools Target AI Threats appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-cisco-cloud-control-agentic-ai-security/
-
Cisco refines its risk-based vulnerability disclosure for the AI era
Security teams already struggle with long lists of vulnerabilities and limited time to patch them. Cisco believes AI could increase that pressure by accelerating vulnerability … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/25/cisco-risk-based-vulnerability-disclosure-ai/
-
Cisco warns of AI inaccuracies in security incident reports
First seen on scworld.com Jump to article: www.scworld.com/brief/cisco-warns-of-ai-inaccuracies-in-security-incident-reports
-
Cisco patches critical 10.0 flaw in Secure Workload APIs
First seen on scworld.com Jump to article: www.scworld.com/news/cisco-patches-critical-100-flaw-in-secure-workload-apis