CISA Warns of Actively Exploited Cisco SD-WAN Flaw – Orders Urgent Federal Patching

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent directive to U.S. federal agencies to patch a newly flagged vulnerability affecting Cisco’s widely used SD-WAN management platform, warning that the flaw is already being actively exploited by threat actors.

The vulnerability—tracked as CVE-2026-20133—impacts Cisco’s Catalyst SD-WAN Manager, a centralized system used by enterprises and government networks to control and monitor thousands of distributed networking devices. The platform, formerly known as vManage, can oversee as many as 6,000 devices from a single interface, making it a critical component in large-scale infrastructure environments.

CISA added the flaw to its Known Exploited…