Patch time for Cisco SD-WAN admins as vendor drops yet another make-me-admin zero-day

Cisco has issued an emergency patch for a critical vulnerability in its Catalyst SD-WAN Controller and Manager, identified as CVE-2026-20182. This zero-day bug allows unauthenticated remote attackers to gain admin privileges, potentially enabling them to execute arbitrary commands and compromise network security. The vulnerability affects all deployment types, prompting urgent action from Cisco admins to mitigate risks.