LeakyCreds

CVE-2026-20126 - Vulnerability Analysis

High, CVSS: 8.8

Last Updated: February 27, 2026

Cisco Catalyst SD-WAN Manager - Privilege Escalation

Published: February 25, 2026 | Updated: February 27, 2026 | Remote Exploitable

Overview

Cisco Catalyst SD-WAN Manager contains a privilege escalation vulnerability caused by insufficient user authentication in the REST API. It lets authenticated local attackers with low privileges gain root privileges. Exploitation requires authentication.

Severity & Score

Severity: High
CVSS Score: 8.8
EPSS Score: 4.2% (Probability of exploitation in next 30 days)

Impact

Authenticated local attackers can gain root privileges on the underlying operating system, leading to full system compromise.

Mitigation

Update to the latest version with the fixed REST API authentication mechanism.

Social Media Activity (1 post)

AA
@AAKL
Mar 18, 2026

New advisory from Cisco addressing critical February 25 vulnerabilities: "There are no workarounds that address these vulnerabilities. Cisco strongly recommends that customers upgrade to the fixed software indicated in this advisory." CVE-2026-20122; CVE-2026-20126; CVE-2026-20128: Cisco Catalyst SD-WAN Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v @TalosSecurity #Cisco #infosec #vulnerability


Details

CVE ID: CVE-2026-20126
Severity: High
CVSS Score: 8.8
Type: broken_access_control
Status: unconfirmed
EPSS: 4.2%
Social Posts: 1

CWE

  • CWE-648

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS Score

4.2% (Probability of exploitation in the next 30 days)