Emergency Cisco Critical 0Day Update—Attackers Downgrade Security

Emergency Cisco Critical 0Day Update—Attackers Downgrade Security

By Davey Winder
Publication Date: 2026-02-28 13:50:00

Updated February 28 with further advice from cybersecurity professionals regarding the 10/10 Cisco zero-day vulnerability and emergency update, including methods used by attackers to exploit this critical security issue.

A zero-day security vulnerability is being exploited in ongoing attacks, posing a “significant cyber threat targeting federal networks utilizing certain Cisco systems and software,” according to U.S. Cybersecurity and Infrastructure Security Agency. Here’s what all enterprises need to know about CVE-2026-20127, that impacts users of the Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, that can allow a remote hacker to bypass authentication and obtain admin privileges.

ForbesGoogle Chrome’s Security Update Decision—New Browser Danger Confirmed

Cisco Authentication Bypass Vulnerability Confirmed, Immediate…