Recent Cisco Catalyst SD-WAN Vulnerability Now Widely Exploited - SecurityWeek

A Cisco Catalyst SD-WAN vulnerability (CVE-2026-20127), initially exploited as a zero-day, is now being widely exploited by threat actors. This escalating exploitation, now internet-wide, targets systems by bypassing authentication and escalating privileges, with a significant spike observed on March 4th. Experts warn that exposed systems should be considered compromised due to the mass and opportunistic nature of these attacks.