By Zack Whittaker
Publication Date: 2026-02-26 16:03:00
Cisco says hackers have been exploiting a bug in one of its popular networking products used by large enterprises for at least three years, prompting the U.S. government and its allies to urge organizations to take action.
The bug, which has a maximum-rated vulnerability severity score of 10.0, allows hackers to remotely break into networks running its Catalyst SD-WAN products, which allow large companies and government agencies with multiple offices to connect their private networks over long distances.
By exploiting this bug over the internet, hackers can gain the highest-level of permissions to these devices and maintain persistent hidden access inside a victim’s network, allowing them to spy or steal data over a long period of time.
Cisco said after discovering the bug, its researchers traced back evidence of exploitation as far back as 2023. Some of the affected organizations are said to be critical infrastructure. The company did not provide specifics, but…
