CVE-2026-20129

CWE-287Improper AuthenticationCWE-200Information ExposureCWE-257CWE-6485 documents5 sources
Severity
9.8CRITICAL
EPSS
0.2%
top 61.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Catalyst Sd-wan ManagerCisco Cisco Catalyst Sd-wan Manager
Timeline
PublishedFeb 25
Latest updateFeb 26

Description

A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an affected system as a user who has the netadmin role. The vulnerability is due to improper authentication for requests that are sent to the API. An attacker could exploit this vulnerability by sending a crafted request to the API of an affected system. A successful exploit could allow the attacker to execute commands with the privileges of the netad

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

NVDcisco/catalyst_sd-wan_manager20.1120.12.5.3+4
CVEListV5cisco/cisco_catalyst_sd-wan_manager335 versions+334

🔴Vulnerability Details

2
GHSA
GHSA-5h54-2f2f-5x5c: A vulnerability in the API user authentication of Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to gain access to an a2026-02-25
CVEList
Cisco Catayst SD-WAN Authentication Bypass Vulnerability2026-02-25

📋Vendor Advisories

1
Cisco
Cisco Catalyst SD-WAN Vulnerabilities2026-02-26

🕵️Threat Intelligence

1
Wiz
CVE-2026-20129 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2026-20129 (CRITICAL CVSS 9.8) | A vulnerability in the API user aut | cvebase.io