CVE-2026-20126

HIGH8.8

Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability

Published Feb 25, 2026

Modified 1 weeks ago

Details

A vulnerability in Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker with low privileges to gain root privileges on the underlying operating system.

This vulnerability is due to an insufficient user authentication mechanism in the REST API. An attacker could exploit this vulnerability by sending a request to the REST API of the affected system. A successful exploit could allow the attacker to gain root privileges on the underlying operating system.

References

WEB

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2026-20126

CVSS Analysis

CVSS v3.1

8.8

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

HighI:H

Availability

HighA:H

8.8/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weakness Type (CWE)

Other

CWE-648

Ecosystems

Timeline

PublishedFeb 25, 2026

ModifiedFeb 26, 2026