CVEFinder.io

CVE-2026-20129

⛔ critical
🔍 Scan for this CVE
Summary

A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An attacker could exploit this vulnerability by sending a crafted request to the API of an affected system. A successful exploit could allow the attacker to execute commands with the privileges of th

Description

A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role.

The vulnerability is due to improper authentication for requests that are sent to the API. An attacker could exploit this vulnerability by sending a crafted request to the API of an affected system. A successful exploit could allow the attacker to execute commands with the privileges of the netadmin role.
Note: Cisco Catalyst SD-WAN Manager releases 20.18 and later are not affected by this vulnerability. 

CVSS Score
9.8
Critical
EPSS Score
0.2
Exploit Probability
Published Date
2026-02-25
First Seen: 2026-02-26
📊 Relative Risk Intelligence

This CVE is Very High Risk - more severe than 90.5% of all 330,193 vulnerabilities in our database.

#31,351
Top 10% most severe
Severity Percentile
🎯 CISA SSVC Assessment Updated: Feb 26, 2026
🔍 Exploitation Status
None
No known exploits
⚙️ Automatable
YES
Can be exploited automatically
💥 Technical Impact
Total
Complete system compromise possible
SSVC data provided by CISA
Last Modified 2026-03-04
Source NVD 🔗
CVSS Vector 3.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CWE IDs (Weakness Types)
CWE-287

📦 Affected Products 5

Vendor Product Status Affected Versions
cisco catalyst_sd-wan_manager Affected
> 20.11 < 20.12.5.3
cisco catalyst_sd-wan_manager Affected
> 20.13 < 20.15.4.2
cisco catalyst_sd-wan_manager Affected
> 20.16 < 20.18
cisco catalyst_sd-wan_manager Affected
< 20.9.8.2
cisco catalyst_sd-wan_manager Affected
v20.12.6

🔗 References 1

https://sec.cloudapps.cisco.com/security/center/cont...
Vendor Advisory

🔗 Related CVEs 6

CVE ID Severity CVSS EPSS Summary Published
CVE-2026-20262 🔶 medium 6.5 1.7 A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, r... 2026-06-15
CVE-2026-20245 ⚠️ high 7.8 1.0 A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalyst SD-WAN Manager, f... 2026-06-04
CVE-2026-20182 ⛔ critical 10.0 77.9 May 2026: This security advisory provides the details and fix information for a vulnerability that was discovered and fi... 2026-05-14
CVE-2026-20122 🔶 medium 5.4 1.1 A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to overwrite a... 2026-02-25
CVE-2026-20126 ⚠️ high 8.8 0.0 A vulnerability in Cisco Catalyst SD-WAN Manager could allow an authenticated, local attacker with low privileges to gai... 2026-02-25
CVE-2026-20127 ⛔ critical 10.0 48.2 A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, Cisco Catalys... 2026-02-25
These CVEs affect the same products