CSIRTS // UNIFIED SECURITY ADVISORY FEEDSYS ● ONLINE · POWERED BY INTELFUSIONS.COM

CVE-2026-20224

criticalcovered by 1 sourcefirst seen 2026-05-14
Multiple vulnerabilities in Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow a remote attacker to gain access to sensitive information, elevate privileges, or gain unauthorized access to the application. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. Cisco strongly recommends that customers upgrade to the fixed software indicated in this advisory. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-mltvnps2-JxpWm7R Security Impact Rating: Critical CVE: CVE-2026-20209,CVE-2026-20210,CVE-2026-20224

CSIRTS triage

What
Multiple vulnerabilities could allow a remote attacker to gain access to sensitive information or elevate privileges.
Who is affected
Users of Cisco Catalyst SD-WAN Manager.
Urgency
Remediation is critical urgency as these vulnerabilities could lead to unauthorized access.
Action
Cisco strongly recommends upgrading to the fixed software indicated in the advisory.

AI-assisted analysis generated from the source advisory — verify against the original.

⚡ Watch CVE-2026-20224

Get an email if CVE-2026-20224 is added to CISA KEV, gains public exploit code, or a new advisory cites it — max one per day, one-click unsubscribe.

Exploitation outlook

Advisory coverage (1)

External references

NVD record for CVE-2026-20224

CVE.org record

Embed the live status

CVE-2026-20224 live status badge — this badge updates automatically when the KEV or exploit status changes. How to embed it →

[![CVE-2026-20224 status](https://www.csirts.com/badge/CVE-2026-20224)](https://www.csirts.com/cve/CVE-2026-20224)