Cisco SD-WAN Manager Flaw Actively Exploited
Cisco is warning of a high-severity vulnerability in its Catalyst SD-WAN Manager that allows attackers to execute commands as root, and it's already being exploited by hackers. This flaw, rated 7.8 on the CVSS scale, could give attackers control over your system if they're able to upload a malicious file.
Cisco SD-WAN Zero-Day Exploited in Targeted Attacks
Cisco is warning of a high-severity zero-day vulnerability in its Catalyst SD-WAN Manager that is being actively exploited, allowing attackers to gain root privileges and execute arbitrary commands. This critical flaw affects all deployment types and could put your network at risk if left unpatched.
Read our 22-page Update Report on $TTGI (TSXV). FQ2/2026 revenue of $6.44M in line with estimates, first full quarter of the combined platform. Insentra US enterprise pipeline building. $28–$32M guidance reaffirmed. Spec. Buy, $0.35 target.
We have published an Update Report on Turnium Technology Group (TSXV: TTGI | FSE: E48), a Vancouver-based Technology-as-a-Service (TaaS) provider. FQ2/2026 delivered revenue of $6.44M, in line with estimates, marking the first full quarter consolidating TNSI, Claratti, and Insentra. Management reaffirmed revenue guidance of $28M–$32M for the 12 months from March 1, 2026. Post-quarter, Insentra secured two six-figure U.S. enterprise engagements, validating its channel-led growth model. A cost optimization program targeting $1.2M–$2.4M in annualized SG&A reductions has been initiated. We maintain a Speculative Buy rating and increase the 12-month target price to $0.35 per share. [more]
CVE-2026-20182, CVSS 10.0 — the 6th exploited Cisco SD-WAN zero-day in 2026.
Unauthenticated DTLS bypass → admin → NETCONF → full fabric control. CISA deadline was May 17.
This isn't a patch problem anymore. It's an architecture problem.
Cisco SD-WAN Zero-Day Exploited for Admin Access
A critical zero-day vulnerability, CVE-2026-20182, has been exploited in Cisco SD-WAN, allowing hackers to gain unrestricted administrative control with a severity score of 10 on the CVSS scale. This flaw enables unauthenticated attackers to manipulate network configurations and take control of Cisco Catalyst SD-WAN Controller with ease.
Cisco Zero-Day Exploited in Ongoing Attacks by Persistent Threat Group
A newly discovered Cisco zero-day vulnerability, CVE-2026-20182, is being exploited in ongoing attacks, allowing threat actors to gain the highest administrative access to a network controller, essentially handing them a master key to wreak havoc. This max-severity flaw has sparked a race against time for Cisco customers and national cyber…
Cisco is warning that a critical Catalyst SD-WAN Controller authentication bypass flaw, tracked as CVE-2026-20182, was actively exploited in zero-day attacks that allowed attackers to gain administrative privileges on compromised devices.
Cisco has issued an urgent warning about a critical SD-WAN authentication bypass flaw, CVE-2026-20127, which has been actively exploited in zero-day attacks since at least 2023. The sophisticated threat actor, UAT-8616, is gaining control-plane access, manipulating network behavior, and establishing long-term persistence. This ongoing threat highlights significant operational fatigue and forces a…
🤖 This post was AI-generated.
CISA Flags Cisco SD-WAN Vulnerability as Exploited
CISA has flagged a critical Cisco SD-WAN vulnerability, CVE-2026-20182, as exploited, giving federal agencies until May 17, 2026, to patch the authentication bypass flaw that could grant hackers administrative privileges. This vulnerability, scoring 10.0 on the CVSS scale, is now a top priority for remediation.
The New Oil
Analyst207
Chris Thompson
DIESEC
Daniel Marsh