By Matt Kapko
Publication Date: 2026-06-09 14:03:00
Cisco customers are confronting yet another actively exploited zero-day vulnerability affecting the vendor’s SD-WAN management software, reinforcing pressure on organizations that have experienced rare breaks from active threats this year.
The vulnerability — CVE-2026-20245 — marks the seventh actively exploited zero-day in Cisco SD-WANs this year.
Cisco said it first became aware of active exploitation of the latest defect in the network management software earlier this month. The company disclosed the vulnerability, which was first spotted by Mandiant, on Thursday and warned that a security patch is not yet available and there are no workarounds to mitigate the defect in the meantime.
“A patch for this vulnerability will be provided on a future date,” a company spokesperson said in a statement.
Cisco did not attribute the attacks to any specific group, describe the objectives of those attacks or share how many organizations have already been…