Cisco adds another SD-WAN box to max-severity bug advisory
Updated at the time? No sweat. Check those logs, though
Security & Lifecycle News
Aggregated from vendor advisories, security research, and industry publications.
Showing: Cisco
× Clear
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalys…
Cisco patches SD-WAN flaw amid evidence of active exploitation
Cisco has released fixes for a vulnerability in its Catalyst SD-WAN Manager software after becoming aware of limited exploitation of the flaw, which could allow an authenticated at…
Cisco Patches Another SD-WAN Zero-Day Exploited in Attacks
Cisco recently became aware of the exploitation of CVE-2026-20262, a Catalyst SD-WAN Manager zero-day that allows arbitrary file write. The post Cisco Patches Another SD-WAN Zero-D…
Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw
Cisco has released security updates for a medium-severity security flaw in Catalyst SD-WAN Manager that has come under active exploitation in the wild. The vulnerability, tracked …
Cisco SD-WAN make-me-root bug under attack
Second Catalyst SD-WAN Manager flaw exploited as an 0-day this month
Cisco fixes SD-WAN vManage flaw exploited in zero-day attacks
Cisco has released security updates to address a vulnerability in the Catalyst SD-WAN Manager, tracked as CVE-2026-20262, that was exploited in attacks to escalate to root privileg…
Cisco Catalyst SD-WAN Manager Arbitrary File Write Vulnerability
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker to create a file or overwrite any file on the…
How Jeetu Patel made Cisco unrecognizable
Cisco Live 2026 is in the books, and it was “prove it” time for a promise made 24 months ago. At Cisco Live 2024, Chief Product Officer Jeetu Patel promised that Cisco would be unr…
A quick look at Cisco’s strategy to become a software monster
Cisco is in the years-long process of shifting from a hardware-centric business focused on switches and routers toward a broader software and services strategy, aiming to position …
CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, following reports …
From the data center to the edge: How to build secure, effective enterprise AI infrastructure
While hyperscalers and neo-cloud providers may get the lion’s share of attention for providing AI infrastructure, many enterprises are taking a build-it-themselves approach to meet…
Attackers exploiting unpatched Cisco SD-WAN flaw
Cisco warns customers of an actively exploited high-severity vulnerability in Catalyst SD-WAN Manager, an enterprise network management system that has been targeted by hackers mul…
NB578: Cisco Goes All-In on AI Ops with Cloud Control; China Floats Underwater Data Center
Take a Network Break! Our Red Alert covers a critical Android vulnerability that could lead to local privilege escalation to root. On the news front, we dig into Cloud Control, Cis…
Cybersecurity M&A Roundup: 26 Deals Announced in May 2026
Significant cybersecurity M&A deals announced by Akamai, Check Point, Cisco, Cyera, Dragos, WatchGuard and Zscaler. The post Cybersecurity M&A Roundup: 26 Deals Announced in May 20…
Cisco Catalyst SD-WAN Manager CVE-2026-20245 Flaw Actively Exploited – No Patch Available
Cisco has warned that a high-severity security flaw impacting Catalyst SD-WAN Manager has come under active exploitation. The vulnerability, tracked as CVE-2026-20245, carries a C…
Yet another Cisco SD-WAN 0-day under attack, and no patch in sight
Good luck, sys admins
How Cisco IT cut observability costs by 86% and eliminated major network outages
When several database clusters started failing simultaneously, Cisco IT had all the data it needed to diagnose the problem. The signals were there. Engineers saw them. The issue wa…
Cisco warns of unpatched SD-WAN zero-day exploited in attacks
On Thursday, Cisco warned of a high-severity, unpatched zero-day in the Cisco Catalyst SD-WAN Manager (tracked as CVE-2026-20245) actively exploited in attacks enabling root privil…
Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026
The vulnerability is tracked as CVE-2026-20245 and it can allow arbitrary command execution as root, but no patch yet. The post Cisco Warns of 7th SD-WAN Zero-Day Exploited in 2026…
Cisco Catalyst SD-WAN Controller, Catalyst SD-WAN Manager, and Catalyst SD-WAN Validator Authenticated Privilege Escalation Vulnerability
A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, and Cisco Catalyst SD-WAN Validator,…
Cisco Patches CVE-2026-20230 in Unified CM as Exploit Code Goes Public
Cisco has patched a bug in Unified Communications Manager that lets an unauthenticated attacker on the network write files to the box and, from there, climb to root. It is tracked…
Cisco warns of critical Unified CM flaw with PoC exploit code
Cisco has released security updates to patch a critical-severity Unified Communications Manager (Unified CM) flaw that allows attackers to gain root privileges. [...]
Cisco Warns of Available PoC for Critical Unified CM Vulnerability
The high-severity flaw can be exploited remotely, without authentication, in server-side request forgery (SSRF) attacks. The post Cisco Warns of Available PoC for Critical Unified …
Cisco sees quantum networking as the future of networking
Particle entanglement, superposition and teleportation are key concepts in quantum physics. Einstein famously dismissed such phenomena as “spooky action at a distance.” Quantum …
Cisco Finesse Remote File Inclusion Vulnerability
A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker to load arbitrary files from remote locations into an active user session on an affected device, po…
Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability
A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthentic…
Cisco Webex Meetings Cross-Site Scripting Vulnerability
A vulnerability in the web-based user interface of Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. Cisco…
What is Cisco Cloud Control and why should customers care?
As is typical of Cisco, the company made several product announcements at its flagship event, Cisco Live. The most significant product announcement is Cisco Cloud Control, which re…
Cisco sings Mythos' praises - but doesn't say how many bugs the model uncovered
Meanwhile, Anthropic adds 150 partners to Project Glasswing