CVE-2026-20122KEVEXPLOITEDPATCHED

cis · catalyst_sd-wan_manager

Cisco Catalyst SD-WAN Manager Arbitrary File Overwrite Vulnerability

Description

A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the attacker must have valid read-only credentials with API access on the affected system. This vulnerability is due to improper file handling on the API interface of an affected system. An attacker could exploit this vulnerability by uploading a malicious file on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on the affected system and gain vmanage user privileges.

Affected Products

Vendor	Product	Versions
cis	catalyst_sd-wan_manager	20.1.12, 19.2.1, 18.4.4, 18.4.5, 20.1.1.1, 20.1.1, 19.3.0, 19.2.2, 19.2.099, 18.3.6, 18.3.7, 19.2.0, 18.3.8, 19.0.0, 19.1.0, 18.4.302, 18.4.303, 19.2.097, 19.2.098, 17.2.10, 18.3.6.1, 19.0.1a, 18.2.0, 18.4.3, 18.4.1, 17.2.8, 18.3.3.1, 18.4.0, 18.3.1, 17.2.6, 17.2.9, 18.3.4, 17.2.5, 18.3.1.1, 18.3.5, 18.4.0.1, 18.3.3, 17.2.7, 17.2.4, 18.3.0, 19.2.3, 18.4.501_ES, 20.3.1, 20.1.2, 19.2.929, 19.2.31, 20.3.2, 19.2.32, 20.3.2_925, 20.3.2.1, 20.3.2.1_927, 18.4.6, 20.1.2_937, 20.4.1, 20.3.2_928, 20.3.2_929, 20.4.1.0.1, 20.3.2.1_930, 19.2.4, 20.5.0.1.1, 20.4.1.1, 20.3.3, 19.2.4.0.1, 20.3.2_937, 20.3.3.1, 20.5.1, 20.1.3, 20.3.3.0.4, 20.3.3.1.2, 20.3.3.1.1, 20.4.1.2, 20.3.3.0.2, 20.4.1.1.5, 20.4.1.0.01, 20.4.1.0.02, 20.3.3.1.7, 20.3.3.1.5, 20.5.1.0.1, 20.3.3.1.10, 20.3.3.0.8, 20.4.2, 20.4.2.0.1, 20.3.4, 20.3.3.0.14, 19.2.4.0.8, 19.2.4.0.9, 20.3.4.0.1, 20.3.2.0.5, 20.6.1, 20.5.1.0.2, 20.3.3.0.17, 20.6.1.1, 20.6.0.18.3, 20.3.2.0.6, 20.6.0.18.4, 20.4.2.0.2, 20.3.3.0.16, 20.3.4.0.5, 20.6.1.0.1, 20.3.4.0.6, 20.6.2, 20.7.1EFT2, 20.3.4.0.9, 20.3.4.0.11, 20.4.2.0.4, 20.3.3.0.18, 20.7.1, 20.6.2.1, 20.3.4.1, 20.5.1.1, 20.4.2.1, 20.4.2.1.1, 20.3.4.1.1, 20.3.813, 20.3.4.0.19, 20.4.2.2.1, 20.5.1.2, 20.3.4.2, 20.3.814, 20.4.2.2, 20.6.2.2, 20.3.4.2.1, 20.7.1.1, 20.3.4.1.2, 20.6.2.2.2, 20.3.4.0.20, 20.6.2.2.3, 20.4.2.2.2, 20.3.5, 20.6.2.0.4, 20.4.2.2.3, 20.3.4.0.24, 20.6.2.2.7, 20.6.3, 20.3.4.2.2, 20.4.2.2.4, 20.7.1.0.2, 20.8.1, 20.3.5.0.8, 20.3.5.0.9, 20.4.2.2.8, 20.3.5.0.7, 20.6.3.0.7, 20.6.3.0.5, 20.6.3.0.10, 20.6.3.0.2, 20.7.2, 20.9.1EFT2, 20.6.3.0.11, 20.6.3.1, 20.6.3.0.14, 20.6.4, 20.9.1, 20.6.3.0.19, 20.6.3.0.18, 20.3.6, 20.9.1.1, 20.6.3.0.23, 20.6.4.0.4, 20.6.3.0.25, 20.6.5, 20.6.3.0.27, 20.9.2, 20.9.2.1, 20.6.3.0.29, 20.6.3.0.31, 20.6.3.0.32, 20.10.1, 20.6.3.0.33, 20.9.2.0.01, 20.9.1_LI_Images, 20.10.1_LI_Images, 20.9.2_LI_Images, 20.3.7, 20.9.3, 20.6.5.1, 20.11.1, 20.11.1_LI_Images, 20.9.3_LI_ Images, 20.6.3.1.1, 20.9.3.0.2, 20.6.5.1.2, 20.9.3.0.3, 20.4.2.3, 20.6.3.2, 20.6.4.1, 20.6.3.0.38, 20.6.3.0.39, 20.3.5.1, 20.3.4.3, 20.9.3.1, 20.3.3.2, 20.6.5.2, 20.3.7.1, 20.10.1.1, 20.6.5.2.1, 20.3.4.0.25, 20.6.2.2.4, 20.6.1.2, 20.11.1.1, 20.9.3.0.5, 20.3.4.0.26, 20.6.5.1.3, 20.6.3.0.40, 20.1.3.1, 20.9.2.2, 20.6.5.2.3, 20.6.5.1.4, 20.6.5.3, 20.6.3.0.41, 20.9.3.0.7, 20.6.5.1.5, 20.9.3.0.4, 20.6.4.0.19, 20.6.5.1.6, 20.9.3.0.8, 20.6.3.3, 20.3.7.2, 20.6.5.4, 20.6.5.1.7, 20.9.3.0.12, 20.6.4.2, 20.6.5.5, 20.9.3.2, 20.11.1.2, 20.6.3.4, 20.10.1.2, 20.6.5.1.9, 20.9.3.0.16, 20.6.3.0.45, 20.6.5.1.10, 20.9.3.0.17, 20.6.5.2.4, 20.6.4.0.21, 20.9.3.0.18, 20.6.3.0.46, 20.6.3.0.47, 20.9.2.3, 20.9.3.2_LI_Images, 20.9.3.0.21, 20.9.3.0.20, 20.9.4_LI_Images, 20.9.4, 20.6.5.1.11, 20.12.1, 20.12.1_LI_Images, 20.6.5.1.13, 20.9.3.0.23, 20.6.5.2.8, 20.9.4.1, 20.9.4.1_LI_Images, 20.9.3.0.25, 20.9.3.0.24, 20.6.5.1.14, 20.3.8, 20.6.6, 20.9.3.0.26, 20.6.3.0.51, 20.9.3.0.29, 20.12.2, 20.12.2_LI_Images, 20.6.6.0.1, 20.13.1_LI_Images, 20.9.4.0.4, 20.13.1, 20.9.4.1.1, 20.9.5, 20.9.5_LI_Images, 20.12.3_LI_Images, 20.12.3, 20.9.4.1.3, 20.6.7, 20.9.5.1, 20.9.5.1_LI_Images, 20.9.4.1.6, 20.14.1, 20.14.1_LI_Images, 20.9.5.2, 20.9.5.2.1, 20.9.5.2_LI_Images, 20.12.3.1, 20.12.4, 20.15.1_LI_Images, 20.15.1, 20.9.5.1.4, 20.9.5.2.7, 20.9.5.2.13, 20.9.6, 20.9.6_LI_Images, 20.9.5.2.14, 20.6.8, 20.12.4.0.03, 20.16.1, 20.16.1_LI_Images, 20.12.4_LI_Images, 20.9.5.2.16, 20.12.4.0.4, 20.12.401, 20.9.5.3, 20.9.5.3_LI_Images, 20.12.4.1_LI_Images, 20.12.4.1, 20.9.5.2.21, 20.9.6.0.3, 20.12.4.0.6, 20.15.2_LI_Images, 20.15.2, 20.12.4_Monthly_ES5, 20.12.5, 20.12.5_LI_Images, 20.9.7_LI _Images, 20.9.7, 20.15.3, 20.15.3_ LI _Images, 20.12.501, 20.12.5.1_LI_Images, 20.12.5.1, 20.12.5.2_LI_Images, 20.12.5.2, 20.15.3.1, 20.15.4_LI_Images, 20.15.4, 20.9.7.1_LI _Images, 20.9.7.1, 20.18.1, 20.18.1_LI_Images, 20.12.6_LI_Images, 20.12.6, 20.12.5.1.01, 20.9.8, 20.9.8_LI_Images, 20.18.2, 20.15.4.1_LI_Images, 20.15.4.1, 20.18.2_LI_Images

Also Affects

Downstream vendors/products affected by this vulnerability

Vendor	Product	Source	Confidence
cis	catalyst sd-wan	cert_advisory	90%

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v

Related News (10 articles)

Tier D

BleepingComputer4d ago

Cisco warns of unpatched SD-WAN zero-day exploited in attacks

→ No new info (linked only)

Tier D

SecurityWeek4d ago

Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026

→ No new info (linked only)

Tier B

CCCS Canada25d ago

AL26-012 - Critical vulnerability affecting Cisco Catalyst SD-WAN - CVE-2026-20182

→ No new info (linked only)

Tier B

CCCS Canada25d ago

AL26-013 - Critical vulnerability affecting Cisco Catalyst SD-WAN - CVE-2026-20182

→ No new info (linked only)

Tier D

SecurityWeek25d ago

Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026

→ No new info (linked only)

Tier A

Cisco Security48d ago

Cisco Catalyst SD-WAN Vulnerabilities

→ No new info (linked only)

Tier D

BleepingComputer49d ago

CISA flags new SD-WAN flaw as actively exploited in attacks

→ No new info (linked only)

Tier D

Help Net Security49d ago

CISA flags another Cisco Catalyst SD-WAN Manager bug as exploited (CVE-2026-20133)

→ No new info (linked only)

Tier B

BSI Advisories49d ago

[UPDATE] [kritisch] Cisco Catalyst SD-WAN Manager und SD-WAN Controller: Mehrere Schwachstellen

→ No new info (linked only)

Tier B

CCCS Canada50d ago

Cisco security advisory (AV26-166) – Update 3

→ No new info (linked only)

CVSS 3.15.4 MEDIUM

VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

CISA KEV✅ Yes

Actively exploited✅ Yes

Patch available

20.9.8.220.12.5.320.15.4.220.18.2.1

CWECWE-648

PublishedFeb 25, 2026

Last enriched49d agov2

Community Vote

0 upvotes0 downvotes

No votes yet

Related CVEs (5)

HIGHCVE-2026-20182EXPKEV

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

Trending: 163

HIGHCVE-2026-20245EXP

Cisco Catalyst SD-WAN Controller Authenticated Privilege Escalation Vulnerability

Trending: 103

CRITICALCVE-2026-20230EXP

CVE-2026-20230: A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Ma

Trending: 52

HIGHCVE-2026-20233EXP

Cisco Webex Meetings Cross-Site Scripting Vulnerability

Trending: 32

HIGHCVE-2026-20175EXP

Cisco Finesse File Inclusion Vulnerability

Trending: 29

Pin to Dashboard

Verification

State: verified

Confidence: 100%

Vulnerability Timeline

CVE Published

Feb 25, 2026

Added to CISA KEV

Feb 25, 2026

Discovered by ZDM

Apr 1, 2026

Actively Exploited

Apr 21, 2026

Patch Available

Apr 21, 2026

Updated: tags

Apr 21, 2026

Version History

Last enriched 49d ago

v2Tier D49d ago

Updated 'activelyExploited' to true and added new CVE tags for related vulnerabilities.

tags

via Help Net Security

v169d ago

Initial creation

Description

Affected Products

Vendor

Product

Versions

cis

catalyst_sd-wan_manager

20.1.12, 19.2.1, 18.4.4, 18.4.5, 20.1.1.1, 20.1.1, 19.3.0, 19.2.2, 19.2.099, 18.3.6, 18.3.7, 19.2.0, 18.3.8, 19.0.0, 19.1.0, 18.4.302, 18.4.303, 19.2.097, 19.2.098, 17.2.10, 18.3.6.1, 19.0.1a, 18.2.0, 18.4.3, 18.4.1, 17.2.8, 18.3.3.1, 18.4.0, 18.3.1, 17.2.6, 17.2.9, 18.3.4, 17.2.5, 18.3.1.1, 18.3.5, 18.4.0.1, 18.3.3, 17.2.7, 17.2.4, 18.3.0, 19.2.3, 18.4.501_ES, 20.3.1, 20.1.2, 19.2.929, 19.2.31, 20.3.2, 19.2.32, 20.3.2_925, 20.3.2.1, 20.3.2.1_927, 18.4.6, 20.1.2_937, 20.4.1, 20.3.2_928, 20.3.2_929, 20.4.1.0.1, 20.3.2.1_930, 19.2.4, 20.5.0.1.1, 20.4.1.1, 20.3.3, 19.2.4.0.1, 20.3.2_937, 20.3.3.1, 20.5.1, 20.1.3, 20.3.3.0.4, 20.3.3.1.2, 20.3.3.1.1, 20.4.1.2, 20.3.3.0.2, 20.4.1.1.5, 20.4.1.0.01, 20.4.1.0.02, 20.3.3.1.7, 20.3.3.1.5, 20.5.1.0.1, 20.3.3.1.10, 20.3.3.0.8, 20.4.2, 20.4.2.0.1, 20.3.4, 20.3.3.0.14, 19.2.4.0.8, 19.2.4.0.9, 20.3.4.0.1, 20.3.2.0.5, 20.6.1, 20.5.1.0.2, 20.3.3.0.17, 20.6.1.1, 20.6.0.18.3, 20.3.2.0.6, 20.6.0.18.4, 20.4.2.0.2, 20.3.3.0.16, 20.3.4.0.5, 20.6.1.0.1, 20.3.4.0.6, 20.6.2, 20.7.1EFT2, 20.3.4.0.9, 20.3.4.0.11, 20.4.2.0.4, 20.3.3.0.18, 20.7.1, 20.6.2.1, 20.3.4.1, 20.5.1.1, 20.4.2.1, 20.4.2.1.1, 20.3.4.1.1, 20.3.813, 20.3.4.0.19, 20.4.2.2.1, 20.5.1.2, 20.3.4.2, 20.3.814, 20.4.2.2, 20.6.2.2, 20.3.4.2.1, 20.7.1.1, 20.3.4.1.2, 20.6.2.2.2, 20.3.4.0.20, 20.6.2.2.3, 20.4.2.2.2, 20.3.5, 20.6.2.0.4, 20.4.2.2.3, 20.3.4.0.24, 20.6.2.2.7, 20.6.3, 20.3.4.2.2, 20.4.2.2.4, 20.7.1.0.2, 20.8.1, 20.3.5.0.8, 20.3.5.0.9, 20.4.2.2.8, 20.3.5.0.7, 20.6.3.0.7, 20.6.3.0.5, 20.6.3.0.10, 20.6.3.0.2, 20.7.2, 20.9.1EFT2, 20.6.3.0.11, 20.6.3.1, 20.6.3.0.14, 20.6.4, 20.9.1, 20.6.3.0.19, 20.6.3.0.18, 20.3.6, 20.9.1.1, 20.6.3.0.23, 20.6.4.0.4, 20.6.3.0.25, 20.6.5, 20.6.3.0.27, 20.9.2, 20.9.2.1, 20.6.3.0.29, 20.6.3.0.31, 20.6.3.0.32, 20.10.1, 20.6.3.0.33, 20.9.2.0.01, 20.9.1_LI_Images, 20.10.1_LI_Images, 20.9.2_LI_Images, 20.3.7, 20.9.3, 20.6.5.1, 20.11.1, 20.11.1_LI_Images, 20.9.3_LI_ Images, 20.6.3.1.1, 20.9.3.0.2, 20.6.5.1.2, 20.9.3.0.3, 20.4.2.3, 20.6.3.2, 20.6.4.1, 20.6.3.0.38, 20.6.3.0.39, 20.3.5.1, 20.3.4.3, 20.9.3.1, 20.3.3.2, 20.6.5.2, 20.3.7.1, 20.10.1.1, 20.6.5.2.1, 20.3.4.0.25, 20.6.2.2.4, 20.6.1.2, 20.11.1.1, 20.9.3.0.5, 20.3.4.0.26, 20.6.5.1.3, 20.6.3.0.40, 20.1.3.1, 20.9.2.2, 20.6.5.2.3, 20.6.5.1.4, 20.6.5.3, 20.6.3.0.41, 20.9.3.0.7, 20.6.5.1.5, 20.9.3.0.4, 20.6.4.0.19, 20.6.5.1.6, 20.9.3.0.8, 20.6.3.3, 20.3.7.2, 20.6.5.4, 20.6.5.1.7, 20.9.3.0.12, 20.6.4.2, 20.6.5.5, 20.9.3.2, 20.11.1.2, 20.6.3.4, 20.10.1.2, 20.6.5.1.9, 20.9.3.0.16, 20.6.3.0.45, 20.6.5.1.10, 20.9.3.0.17, 20.6.5.2.4, 20.6.4.0.21, 20.9.3.0.18, 20.6.3.0.46, 20.6.3.0.47, 20.9.2.3, 20.9.3.2_LI_Images, 20.9.3.0.21, 20.9.3.0.20, 20.9.4_LI_Images, 20.9.4, 20.6.5.1.11, 20.12.1, 20.12.1_LI_Images, 20.6.5.1.13, 20.9.3.0.23, 20.6.5.2.8, 20.9.4.1, 20.9.4.1_LI_Images, 20.9.3.0.25, 20.9.3.0.24, 20.6.5.1.14, 20.3.8, 20.6.6, 20.9.3.0.26, 20.6.3.0.51, 20.9.3.0.29, 20.12.2, 20.12.2_LI_Images, 20.6.6.0.1, 20.13.1_LI_Images, 20.9.4.0.4, 20.13.1, 20.9.4.1.1, 20.9.5, 20.9.5_LI_Images, 20.12.3_LI_Images, 20.12.3, 20.9.4.1.3, 20.6.7, 20.9.5.1, 20.9.5.1_LI_Images, 20.9.4.1.6, 20.14.1, 20.14.1_LI_Images, 20.9.5.2, 20.9.5.2.1, 20.9.5.2_LI_Images, 20.12.3.1, 20.12.4, 20.15.1_LI_Images, 20.15.1, 20.9.5.1.4, 20.9.5.2.7, 20.9.5.2.13, 20.9.6, 20.9.6_LI_Images, 20.9.5.2.14, 20.6.8, 20.12.4.0.03, 20.16.1, 20.16.1_LI_Images, 20.12.4_LI_Images, 20.9.5.2.16, 20.12.4.0.4, 20.12.401, 20.9.5.3, 20.9.5.3_LI_Images, 20.12.4.1_LI_Images, 20.12.4.1, 20.9.5.2.21, 20.9.6.0.3, 20.12.4.0.6, 20.15.2_LI_Images, 20.15.2, 20.12.4_Monthly_ES5, 20.12.5, 20.12.5_LI_Images, 20.9.7_LI _Images, 20.9.7, 20.15.3, 20.15.3_ LI _Images, 20.12.501, 20.12.5.1_LI_Images, 20.12.5.1, 20.12.5.2_LI_Images, 20.12.5.2, 20.15.3.1, 20.15.4_LI_Images, 20.15.4, 20.9.7.1_LI _Images, 20.9.7.1, 20.18.1, 20.18.1_LI_Images, 20.12.6_LI_Images, 20.12.6, 20.12.5.1.01, 20.9.8, 20.9.8_LI_Images, 20.18.2, 20.15.4.1_LI_Images, 20.15.4.1, 20.18.2_LI_Images

Vendor

Product

Source

Confidence

cis

catalyst sd-wan

cert_advisory

90%