{"id":1323,"date":"2026-06-16T07:06:57","date_gmt":"2026-06-16T07:06:57","guid":{"rendered":"https:\/\/thedigitalfortress.us\/?p=1323"},"modified":"2026-06-16T07:06:57","modified_gmt":"2026-06-16T07:06:57","slug":"cisco-releases-security-updates-for-actively-exploited-sd-wan-manager-flaw","status":"publish","type":"post","link":"https:\/\/thedigitalfortress.us\/?p=1323","title":{"rendered":"Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw"},"content":{"rendered":"
\n

\ue804<\/i>Ravie Lakshmanan<\/span>\ue802<\/i>Jun 16, 2026<\/span><\/span>Vulnerability \/ Network Security<\/span><\/p>\n<\/div>\n

\n
<\/a><\/div>\n

Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild.<\/p>\n

The vulnerability, tracked as CVE-2026-20262<\/b>, carries a CVSS score of 6.5 out of 10.0.<\/p>\n

\u00abA vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the filesystem of an affected system,\u00bb Cisco said<\/a> in an advisory.<\/p>\n

The issue, the networking equipment company added, stems from inadequate validation of user-supplied input during a file upload process. An attacker could exploit this behavior to create or overwrite any file on the underlying operating system by sending crafted HTTP requests to an affected API endpoint.<\/p>\n

This, in turn, could be weaponized to elevate to the root. However, successful exploitation hinges on the attacker already having valid credentials with at least write access.<\/p>\n

\n
\"Cybersecurity\"<\/a><\/div>\n<\/div>\n

The vulnerability impacts the following products regardless of the deployment type –<\/p>\n