CVE-2026-20133

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager (affected versions not specified)

Description Insufficient file system access restrictions could allow an unauthenticated remote attacker to view sensitive information on the underlying operating system. Exploitation can occur by accessing the system API or, for authenticated attackers with netadmin privileges, via the vshell. This issue may lead to unauthorized system access, privilege escalation to root, exfiltration of sensitive data, and the silent overwriting of critical files. There are reports of this issue being actively exploited in real-world incidents.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.