Cisco SD-WAN Under Siege: Two More Catalyst Vulnerabilities Now Actively Exploited (March 2026)
Cisco just expanded the list of actively exploited Catalyst SD-WAN vulnerabilities — and if you haven’t patched yet, you’re running out of time. On March 5, 2026, Cisco updated its advisory to confirm that CVE-2026-20128 and CVE-2026-20122 are now being exploited in the wild, bringing the total number of actively exploited SD-WAN flaws to three in just eight days. Combined with the critical CVE-2026-20127 zero-day disclosed on February 25, this represents a sustained campaign against SD-WAN infrastructure that every network engineer needs to take seriously. ...