Cisco has disclosed a high-severity privilege escalation vulnerability, CVE-2026-20245 (CVSS 7.8), in Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) that allows authenticated local attackers to execute arbitrary commands as root. Tracked under advisory cisco-sa-sdwan-privesc-4uxFrdzx and Bug ID CSCwu18563, the flaw resides in the CLI of Cisco Catalyst SD-WAN Manager and is rooted in insufficient validation of user-supplied input classified under CWE-116 (Improper […]
The post Cisco SD-WAN Flaw Exploited to Execute Root-Level Commands appeared first on Cyber Security News.