> TritonInfoSec News
Home / Feb 28, 2026 / Story
0
#1 The Hacker News general February 26, 2026 at 06:13 UTC

Cisco SD-WAN Zero-Day CVE-2026-20127 Exploited Since 2023 for Admin Access

By [email protected] (The Hacker News)

AI Summary

Cisco disclosed CVE-2026-20127, a maximum-severity authentication bypass vulnerability in Catalyst SD-WAN Controller and Manager that allows unauthenticated remote attackers to gain administrative privileges. The zero-day has been actively exploited since 2023 by sophisticated threat actors and was immediately added to CISA's KEV catalog.

Read full article → https://thehackernews.com/2026/02/cisco-sd-wan-zer…

Relevance score: 98.0/100

# More from February 28

  1. 2
    APT37 hackers use new malware to breach air-gapped networks BleepingComputer
  2. 3
    CISA warns that RESURGE malware can be dormant on Ivanti devices BleepingComputer
  3. 4
    900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks The Hacker News
  4. 5
    Europol-led crackdown on The Com hackers leads to 30 arrests BleepingComputer
  5. 6
    Google quantum-proofs HTTPS by squeezing 2.5kB of data into 64-byte space Ars Technica Security
  6. 7
    DoJ Seizes $61 Million in Tether Linked to Pig Butchering Crypto Scams The Hacker News
  7. 8
    Ukrainian man pleads guilty to running AI-powered fake ID site BleepingComputer
  8. 9
    New AirSnitch attack breaks Wi-Fi encryption in homes, offices, and enterprises Ars Technica Security
  9. 10
    Ransomware payment rate drops to record low despite attack surge BleepingComputer