CISCO'S Catalyst SD-WAN Manager has a vulnerability identified as CVE-2026-20262, which allows for arbitrary file writes, and is currently being exploited in the wild. This flaw has a CVSS score of 6.5 and stems from improper validation of user inputs during file uploads, enabling an authenticated attacker to overwrite system files. Successful exploitation could lead to privilege escalation.
Cisco has urged users to upgrade to secure software versions as federal agencies are required to patch this vulnerability by June 29, 2026. CISA has added this issue to its Known Exploited Vulnerabilities catalog, indicating its critical nature.