CVE-2026-20133

HIGH CISA KEV EPSS 95.1%
Published Feb 25, 2026 4mo ago · Modified Apr 22, 2026 2mo ago
7.5 CVSS 3.1
High
KEV Listed Apr 20, 2026 2mo ago
KEV Due Apr 23, 2026 68d overdue

Description

A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read sensitive information on the underlying operating system.

CVSS Details

Base Score: 7.5
Exploitability: 3.9
Impact: 3.6
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None

Threat Intelligence

CISA Known Exploited (overdue 68d)
Added: Apr 20, 2026
Due: Apr 23, 2026

Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlined in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices” (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.

EPSS Exploit Probability
95.1% percentile
Exploit & Patch Status
Actively Exploited (KEV)
No Patch Available

Weaknesses 1

CWE-200: Exposure of Sensitive Information to an Unauthorized Actor (Information Exposure)

Affected Products 5

Vendor  Product                  Version  Range
cisco   catalyst_sd-wan_manager  *        <20.9.8.2
cisco   catalyst_sd-wan_manager  *        ≥20.10 – <20.12.5.3
cisco   catalyst_sd-wan_manager  *        ≥20.13 – <20.15.4.2
cisco   catalyst_sd-wan_manager  *        ≥20.16 – <20.18.2.1
cisco   catalyst_sd-wan_manager  20.12.6  any

References 2

  • sec.cloudapps.cisco.com https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v
    Vendor Advisory
  • cisa.gov https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20133
    US Government Resource

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.