CVE-2026-20126

⚠️ high

Summary

A vulnerability in Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker with low privileges to gain root privileges on the underlying operating system. This vulnerability is due to an insufficient user authentication mechanism in the REST API. An attacker could exploit this vulnerability by sending a request to the REST API of the affected system. A successful exploit could allow the attacker to gain root privileges on the underlying operating system.

CVSS Score

8.8

High

EPSS Score

0.0

Exploit Probability

Published Date

2026-02-25

First Seen: 2026-02-26

📊 Relative Risk Intelligence

This CVE is High Risk - more severe than 81.1% of all 330,193 vulnerabilities in our database.

#62,466

Top 25% most severe

Severity Percentile

🎯 CISA SSVC Assessment Updated: Feb 26, 2026

🔍 Exploitation Status

None

No known exploits

⚙️ Automatable

Requires human interaction

💥 Technical Impact

Total

Complete system compromise possible

SSVC data provided by CISA

Last Modified 2026-03-04

Source NVD 🔗

CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE IDs (Weakness Types)

CWE-648

📦 Affected Products 5

Vendor	Product	Status	Affected Versions
cisco	catalyst_sd-wan_manager	Affected	> 20.11 < 20.12.5.3
cisco	catalyst_sd-wan_manager	Affected	> 20.13 < 20.15.4.2
cisco	catalyst_sd-wan_manager	Affected	> 20.16 < 20.18.2.1
cisco	catalyst_sd-wan_manager	Affected	< 20.9.8.2
cisco	catalyst_sd-wan_manager	Affected	v20.12.6

🔗 References 1

https://sec.cloudapps.cisco.com/security/center/cont...

Vendor Advisory

🔗 Related CVEs 6

CVE ID	Severity	CVSS	EPSS	Summary	Published
CVE-2026-20262	🔶 medium	6.5	1.7	A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, r...	2026-06-15
CVE-2026-20245	⚠️ high	7.8	1.0	A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, f...	2026-06-04
CVE-2026-20182	⛔ critical	10.0	77.9	May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fi...	2026-05-14
CVE-2026-20122	🔶 medium	5.4	1.1	A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite a...	2026-02-25
CVE-2026-20127	⛔ critical	10.0	48.2	A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalys...	2026-02-25
CVE-2026-20128	⚠️ high	7.5	0.1	A vulnerability in the Data Collection Agent (DCA) feature of Cisco Catalyst SD-WAN Manager could allow an unauthenticat...	2026-02-25

These CVEs affect the same products