CVE-2026-20209— Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability
Possible ATT&CK Techniques 1AI
T1078 · Valid AccountsAffected Version Matrix 354
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Cisco | Cisco Catalyst SD-WAN Manager | 20.1.12 | affected |
19.2.1 | affected | ||
18.4.4 | affected | ||
18.4.5 | affected | ||
20.1.1.1 | affected | ||
20.1.1 | affected | ||
19.3.0 | affected | ||
19.2.2 | affected | ||
| … +346 more rows | |||
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-20209
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability
Source: NVD (National Vulnerability Database)
Vulnerability Description
A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an authenticated, remote attacker with read-only permissions to elevate their privileges from low to high and perform actions as a high-privileged user. This vulnerability exists because sensitive session information is recorded in audit logs. An attacker could exploit this vulnerability by elevating their read-only permissions in Cisco Catalyst SD-WAN Manager to those of a high-privileged user. A successful exploit could allow the attacker to perform actions as a high-privileged user.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
日志记录过多数据
Source: NVD (National Vulnerability Database)
Vulnerability Title
Cisco Catalyst SD-WAN Manager(Cisco SD-WAN vManage) 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Cisco Catalyst SD-WAN Manager(Cisco SD-WAN vManage)是美国思科(Cisco)公司的一个高度可定制的仪表板。可简化和自动化 Cisco SD-WAN 的部署、配置、管理和操作。 Cisco Catalyst SD-WAN Manager存在安全漏洞,该漏洞源于敏感会话信息被记录在审计日志中,可能导致具有只读权限的经过身份验证的远程攻击者将权限从低提升到高,并作为高权限用户执行操作。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Cisco | Cisco Catalyst SD-WAN Manager | 20.1.12 | - |
II. Public POCs for CVE-2026-20209
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-20209
请登录查看更多情报信息。
Advisory · 1
Same Patch Batch · Cisco · 2026-05-14 · 4 CVEs total
| CVE-2026-20182 | 10.0 CRITICAL | Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability |
| CVE-2026-20224 | 8.6 HIGH | Cisco Catalyst SD-WAN Manager XML External Entity Injection Vulnerability |
| CVE-2026-20210 | 5.4 MEDIUM | Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability |
IV. Related Vulnerabilities
Same product: Cisco Catalyst SD-WAN Manager
- CVE-2026-20224
Cisco Catalyst SD-WAN Manager XML External Entity Injection - CVE-2026-20210
Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerabi - CVE-2026-20182
Cisco Catalyst SD-WAN Controller Authentication Bypass Vulne - CVE-2026-20108
Cisco Catalyst SD-WAN Manager(Cisco SD-WAN vManage) 跨站脚本漏洞 - CVE-2026-20122
Cisco Catalyst SD-WAN Manager Arbitrary File Overwrite Vulne
Same vendor: Cisco
- CVE-2026-20199
Cisco ThousandEyes Virtual Appliance 证书验证漏洞致远程代码执行 - CVE-2026-20171
Cisco Nexus 3000 and 9000 Series Border Gateway Protocol Den - CVE-2026-20206
Cisco ThousandEyes BrowserBot Command Injection Vulnerabilit - CVE-2026-20223
Cisco Secure Workload Unauthorized API Access Vulnerability - CVE-2026-20224
Cisco Catalyst SD-WAN Manager XML External Entity Injection
Same weakness: CWE-779
- CVE-2026-20210
Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerabi - CVE-2026-28718
Acronis Cyber Protect 安全漏洞 - CVE-2025-69230
AIOHTTP Vulnerable to Cookie Parser Warning Storm - CVE-2024-36416
SuiteCRM v4 API Excessive log data DOS - CVE-2024-1141
Glance-store: glance store access key logged in debug log le
V. Comments for CVE-2026-20209
No comments yet