7.8

Cisco Catalyst SD-WAN Manager: Low-Privilege User Can Become Root

CVE-2026-20126
Summary

A security issue exists in Cisco Catalyst SD-WAN Manager. An attacker who has already been authenticated on the system and has low privileges can exploit this issue to gain full control of the underlying operating system. To fix this, update to a patched version of the software as soon as possible.

What to do

No fix is available yet. Check with your software vendor for updates.

Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| cisco | catalyst_sd-wan_manager | <= 20.9.8.2 | |
| cisco | catalyst_sd-wan_manager | > 20.11, <= 20.12.5.3 | |
| cisco | catalyst_sd-wan_manager | > 20.13, <= 20.15.4.2 | |
| cisco | catalyst_sd-wan_manager | > 20.16, <= 20.18.2.1 | |
| cisco | catalyst_sd-wan_manager | 20.12.6 | |
Original title
A vulnerability in Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker with low privileges to gain root privileges on the underlying operating system. This vulnerability i...
Original description
A vulnerability in Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker with low privileges to gain root privileges on the underlying operating system.

This vulnerability is due to an insufficient user authentication mechanism in the REST API. An attacker could exploit this vulnerability by sending a request to the REST API of the affected system. A successful exploit could allow the attacker to gain root privileges on the underlying operating system.
NVD CVSS 3.1: 7.8
Vulnerability type
CWE-648
Published: 25 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026