Security Advisory

Cisco Product Security Update Advisory (CVE-2026-20224)

  • Feb 27 2026
Cisco Product Security Update Advisory (CVE-2026-20224)

Overview

 

Cisco has released security updates that address vulnerabilities in its products. Users of affected products are advised to update to the latest version.

 

Affected Products

 

CVE-2026-20224

 

Cisco Catalyst SD-WAN Controller versions: 20.9 and earlier
Cisco Catalyst SD-WAN Controller version: 20.9
Cisco Catalyst SD-WAN Controller version: 20.11
Cisco Catalyst SD-WAN Controller version: 20.12.6
Cisco Catalyst SD-WAN Controller version: 20.12.5
Cisco Catalyst SD-WAN Controller version: 20.13
Cisco Catalyst SD-WAN Controller version: 20.14
Cisco Catalyst SD-WAN Controller version: 20.15
Cisco Catalyst SD-WAN Controller version: 20.16
Cisco Catalyst SD-WAN Controller version: 20.18

 

 

Resolved Vulnerabilities

 

Privilege Escalation Vulnerability in Cisco Catalyst SD-WAN Controller (CVE-2026-20224)

 

 

Vulnerability Patches

 

Vulnerability Patches have been made available in the latest update. Please follow the instructions on the Referenced Sites to update to the latest version of Vulnerability Patches.

 

CVE-2026-20224

 

Cisco Catalyst SD-WAN Controller versions: Migrate to a fixed release
Cisco Catalyst SD-WAN Controller version: 20.9.8.2
Cisco Catalyst SD-WAN Controller version: 20.12.6.1
Cisco Catalyst SD-WAN Controller version: 20.12.5.3
Cisco Catalyst SD-WAN Controller version: 20.12.6.1
Cisco Catalyst SD-WAN Controller version: 20.15.4.2
Cisco Catalyst SD-WAN Controller version: 20.15.4.2
Cisco Catalyst SD-WAN Controller version: 20.15.4.2
Cisco Catalyst SD-WAN Controller version: 20.18.2.1
Cisco Catalyst SD-WAN Controller version: 20.18.2.1

 

 

References

 

[1] Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EH..

Tags:
Previous Post

Next Post