CVE-2026-20262

Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability

Added to CISA KEV: 2026-06-15

By FixTheVuln Team Sources: CISA KEV Catalog, NVD
CVSS 6.5 — MEDIUM ACTIVE
OWASP: A01 CWE-22

Description

Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an...

Required Action

Fix: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.

References

Assess Your Risk

Use the CVSS Calculator to evaluate how this vulnerability affects your specific environment. Consider your network exposure, existing mitigations, and asset criticality.

Frequently Asked Questions

What is CVE-2026-20262?

CVE-2026-20262 (Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability) is a vulnerability with a CVSS score of 6.5 (MEDIUM). Cisco Catalyst SD-WAN Manager contains a directory or path traversal vulnerability that could allow an...

How do I fix CVE-2026-20262?

Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.

How severe is CVE-2026-20262?

CVE-2026-20262 has a CVSS score of 6.5, classified as MEDIUM. This vulnerability is in the CISA Known Exploited Vulnerabilities (KEV) catalog, meaning it has been actively exploited in the wild.

Free Security Tools

CVSS Calculator Security+ Practice Quiz Password Strength Checker

FixTheVuln Store

Stay Ahead of Vulnerabilities

Structured study planners for 60+ security certifications. Master vulnerability management with domain trackers and exam strategies.

Shop Security+ Planner

CyberFolio

Vulnerability management on your resume? Prove it.

Build a shareable cybersecurity portfolio that highlights your certifications, projects, and skills — free.

Build Your Portfolio →
← Back to Home ← All CVEs