Cyber Updates 7 May 2026 / 0 Comments

Cisco SD-WAN Authentication Bypass Under Active Exploitation (CVE-2026-20128)

Scope: Cisco SD-WAN Systems

Severity: Red

A critical authentication bypass vulnerability in Cisco SD-WAN software allows unauthenticated remote attackers to bypass access controls and gain unauthorized access to affected systems, posing significant risk to enterprise WAN infrastructure. CISA has added this vulnerability to its Known Exploited Vulnerabilities catalog and issued an Emergency Directive requiring federal agencies to apply mitigations, signaling confirmed active exploitation in the wild. Organizations should apply Cisco's patches immediately, follow CISA's hunt and hardening guidance for exposed SD-WAN systems, and audit network infrastructure for indicators of unauthorized access or configuration changes.

The Uganda National CERT and Coordination Center (CERT.UG/CC) encourages users and administrators to review the recommendations and apply the necessary updates.

Cisco SD-WAN Authentication Bypass Under Active Exploitation (CVE-2026-20128)

MetInfo CMS Unauthenticated PHP Code Injection Under Active Exploitation (CVE-2026-29014)

Recent Advisories

Categories

Contact info

Useful Links

Subscribe to our Mailing List

Cisco SD-WAN Authentication Bypass Under Active Exploitation (CVE-2026-20128)

RELATED ADVISORIES

MetInfo CMS Unauthenticated PHP Code Injection Under Active Exploitation (CVE-2026-29014)

Recent Advisories

Categories