Critical Cisco SD-WAN Flaw Has No Available Patch

Cisco's widely used SD-WAN Manager has a critical flaw that is actively exploited, but no patch is currently available for users.

Cisco has issued an urgent security advisory for a high-severity vulnerability in its Catalyst SD-WAN Manager, a central component for managing enterprise networks. The flaw, tracked as CVE-2026-20245, carries a CVSS score of 7.8 out of 10, signaling a significant risk. Most critically, Cisco confirmed that this vulnerability is already being actively exploited by attackers in the wild. The company has not yet released a software patch to fix the issue, leaving many systems exposed to ongoing attacks. This situation puts immediate pressure on organizations that rely on Cisco's software-defined networking solutions to manage their wide area networks (WANs). The active exploitation means this is not a theoretical threat but a clear and present danger. While the technical details of the flaw are not yet public, its high severity score suggests it could allow for significant unauthorized access or disruption of critical network services, potentially giving attackers a powerful foothold within a corporate network.

The vulnerability's impact is widespread, affecting a broad range of Cisco's SD-WAN offerings. Impacted deployments include on-premises installations of Catalyst SD-WAN Manager as well as several cloud-hosted versions: Cisco SD-WAN Cloud-Pro, the standard Cisco SD-WAN Cloud (managed by Cisco), and the Cisco SD-WAN for Government (FedRAMP) service. This wide attack surface means that IT and security teams across various sectors, from private enterprise to government agencies, need to assess their exposure immediately. Because an SD-WAN manager serves as the brain of an organization's network, a compromise could have devastating consequences. Attackers could potentially monitor sensitive traffic, redirect data to malicious destinations, or disrupt connectivity across all company locations, effectively crippling business operations. The absence of a patch forces security teams into a difficult position, requiring them to focus on detection and response rather than prevention. Organizations are urged to monitor Cisco's security advisories closely for the eventual release of a patch or official mitigation guidance.