Main Vulnerability Database SB20260514104

SB20260514104 - Authentication bypass in Cisco Catalyst SD-WAN Controller

Published: May 14, 2026

Security Bulletin ID SB20260514104

CSH Severity

Critical

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Code execution

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 vulnerability.

1) Improper authentication (CVE-ID: CVE-2026-20182)

The vulnerability allows a remote attacker to bypass authentication and obtain administrative privileges.

The vulnerability exists due to improper authentication in the peering authentication mechanism when handling control connection handshaking requests. A remote attacker can send crafted requests to bypass authentication and obtain administrative privileges.

A successful exploit could allow access as an internal, high-privileged, non-root user account and subsequent access to NETCONF to manipulate SD-WAN fabric configuration.

Note, the vulnerability is being actively exploited in the wild.

Remediation

Install update from vendor's website.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW