> TritonInfoSec News
Home / Feb 27, 2026 / Story
0
#1 Dark Reading general February 26, 2026 at 21:45 UTC

Cisco SD-WAN Zero-Day Under Exploitation for 3 Years

By Rob Wright

AI Summary

Cisco patched CVE-2026-20127, a maximum-severity zero-day in SD-WAN Controller and Manager that allows unauthenticated remote attackers to bypass authentication and gain administrative privileges. The vulnerability has been actively exploited since 2023 by sophisticated threat actors who left minimal forensic evidence, prompting CISA to add it to the Known Exploited Vulnerabilities catalog.

Read full article → https://www.darkreading.com/vulnerabilities-threat…

Relevance score: 100.0/100

# More from February 27

  1. 2
    Google disrupts Сhina-linked cyberespionage campaign spanning dozens of countries
  2. 3
    UAT-10027 Targets U.S. Education and Healthcare with Dohdoor Backdoor The Hacker News
  3. 4
    Aeternum C2 Botnet Stores Encrypted Commands on Polygon Blockchain to Evade Takedown The Hacker News
  4. 5
    Trend Micro warns of critical Apex One code execution flaws BleepingComputer
  5. 6
    Critical Juniper Networks PTX flaw allows full router takeover BleepingComputer
  6. 7
    Previously harmless Google API keys now expose Gemini AI data BleepingComputer
  7. 8
    Zyxel warns of critical RCE flaw affecting over a dozen routers BleepingComputer
  8. 9
    European DYI chain ManoMano data breach impacts 38 million customers BleepingComputer
  9. 10
    Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware The Hacker News