Cisco Catalyst SD-WAN Zero-Day (CVE-2026-20127) Exploited by Sophisticated Threat Actor
Summary
A critical authentication bypass in Cisco Catalyst SD-WAN has been exploited by the UAT-8616 threat actor. It was chained with an older vulnerability for privilege escalation and has been added to the CISA KEV catalog.
Threat Analysis
**Associated CVEs:** CVE-2026-20127, CVE-2022-20775
**Source:** https://www.securityweek.com/cisco-patches-catalyst-sd-wan-zero-day-exploited-by-highly-sophisticated-hackers/
**Recommended Actions:**
- Apply security patches immediately if available
- Monitor for indicators of compromise
- Review and update security configurations
- Implement network segmentation where applicable