> TritonInfoSec News
Home / Jun 26, 2026 / Story
0
#1 The Hacker News general June 25, 2026 at 05:46 UTC

Cisco Catalyst SD-WAN Zero-Day CVE-2026-20245 Exploited to Gain Root Access

By [email protected] (The Hacker News)

AI Summary

Mandiant confirmed that CVE-2026-20245 (CVSS 7.8) in Cisco Catalyst SD-WAN was exploited as a zero-day at least two months before public disclosure, granting an unknown threat actor authenticated local privilege escalation to root on a communications service provider's network. This is the 7th Cisco SD-WAN vulnerability exploited in 2026, underscoring a sustained campaign targeting this platform. Security teams running Cisco SD-WAN should treat this as an active threat and audit for signs of rogue peering or unauthorized admin access.

Read full article → https://thehackernews.com/2026/06/cisco-catalyst-s…

Relevance score: 88.0/100

# More from June 26

  1. 2
    Amadey, StealC malware operations disrupted in Operation Endgame action BleepingComputer
  2. 3
    In Less Than 24 Hours, Attackers Weaponize Cisco CUCM Flaw Dark Reading
  3. 4
    New Gaslight macOS Malware Uses Prompt Injection to Disrupt AI-Assisted Analysis The Hacker News
  4. 5
    CISA Warns Critical Lantronix EDS5000 Flaw Is Being Actively Exploited The Hacker News
  5. 6
    CISA warns of max severity Ubiquiti flaws exploited in attacks BleepingComputer
  6. 7
    Gamaredon in 2025: Leveraging tunnels, workers, dead drops, and new alliances WeLiveSecurity (ESET)
  7. 8
    BeyondTrust, LastPass Impacted by Klue-Salesforce Incident SecurityWeek
  8. 9
    Exploitable CI/CD Vulnerabilities Expose Millions of Repositories to Hijacking SecurityWeek
  9. 10
    Chrome Ad Blocker with 10M+ Installs Found with Dormant Script Injection Capability The Hacker News