By Grace Dille
Publication Date: 2026-02-25 00:00:00
The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive on Wednesday calling on federal civilian agencies to take immediate steps to secure Cisco Software-Defined Wide-Area Networking (SD-WAN) systems.
The agency said the directive comes in response to “a significant cyber threat targeting federal networks utilizing certain Cisco systems and software.”
CISA is requiring agencies using Cisco SD-WAN products to identify affected systems and report an initial inventory to CISA by 11:59 p.m. on Feb. 26, and then apply Cisco-provided updates addressing two vulnerabilities by 5 p.m. on Feb. 27, 2026.
“Based on collaboration with international partners and CISA’s forensic analysis, the ease with which these vulnerabilities can be exploited demands immediate action from all federal agencies,” said Madhu Gottumukkala, CISA’s acting director, in a press release.
“We urge all entities to implement the measures outlined in this Emergency…
