CVE-2026-20122

MEDIUM CISA KEV EPSS 93.4%
Published Feb 25, 2026 (4mo ago) · Modified Apr 21, 2026 (2mo ago)
5.4 CVSS 3.1
Medium
KEV Listed Apr 20, 2026 2mo ago
KEV Due Apr 23, 2026 68d overdue

Description

A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite arbitrary files on the local file system. To exploit this vulnerability, the attacker must have valid read-only credentials with API access on the affected system. This vulnerability is due to improper file handling on the API interface of an affected system. An attacker could exploit this vulnerability by uploading a malicious file on the local file system. A successful exploit could allow the attacker to overwrite arbitrary files on the affected system and gain vmanage user privileges.

CVSS Details

Base Score 5.4
Exploitability 2.8
Impact 2.5
Vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality Low
Integrity Low
Availability None

Threat Intelligence

CISA Known Exploited (Overdue 68d)
Added Apr 20, 2026
Due Apr 23, 2026

Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlined in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices” (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.

EPSS Exploit Probability
93.4% percentile
Exploit & Patch Status
Actively Exploited (KEV)
No Patch Available

Weaknesses 1

CWE-648

Affected Products 5

Vendor  Product                  Version  Range
cisco   catalyst_sd-wan_manager  *        <20.9.8.2
cisco   catalyst_sd-wan_manager  *        ≥20.10 – <20.12.5.3
cisco   catalyst_sd-wan_manager  *        ≥20.13 – <20.15.4.2
cisco   catalyst_sd-wan_manager  *        ≥20.16 – <20.18.2.1
cisco   catalyst_sd-wan_manager  20.12.6  any

References 2

  • sec.cloudapps.cisco.com https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v
    Vendor Advisory
  • cisa.gov https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20122
    US Government Resource

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.