CVE-2026-20210
Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow a remote attacker to gain access to sensitive information, elevate privileges, or gain unauthorized access to the application. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. Cisco strongly recommends that customers upgrade to the fixed software indicated in this advisory. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-mltvnps2-JxpWm7R Security Impact Rating: Critical CVE: CVE-2026-20209,CVE-2026-20210,CVE-2026-20224
CSIRTS triage
- What
- Multiple vulnerabilities could allow a remote attacker to gain access to sensitive information or elevate privileges.
- Who is affected
- Users of Cisco Catalyst SD-WAN Manager.
- Urgency
- Remediation is critical urgency as these vulnerabilities could lead to unauthorized access.
- Action
- Cisco strongly recommends upgrading to the fixed software indicated in the advisory.
AI-assisted analysis generated from the source advisory — verify against the original.
⚡ Watch CVE-2026-20210
Get an email if CVE-2026-20210 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.
Exploitation outlook
- Low exploitation risk0.19% 30-day exploitation probability — currently an unlikely target, but scores change as exploit code circulates. Riskier than 9% of all EPSS-scored CVEs.
Advisory coverage (1)
- criticalCisco Catalyst SD-WAN Manager Vulnerabilitiescisco-psirt · 2026-05-14
External references
Embed the live status
— this badge updates automatically when the KEV or exploit status changes. How to embed it →
[](https://www.csirts.com/cve/CVE-2026-20210)