CVE-2026-20133 (GCVE-0-2026-20133)
Vulnerability from cvelistv5
Published
2026-02-25 16:13
Modified
2026-04-22 15:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system.
This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read sensitive information on the underlying operating system.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Catalyst SD-WAN Manager |
Version: 17.2.6 Version: 17.2.7 Version: 17.2.8 Version: 17.2.9 Version: 17.2.10 Version: 17.2.4 Version: 17.2.5 Version: 18.3.1.1 Version: 18.3.3.1 Version: 18.3.3 Version: 18.3.4 Version: 18.3.5 Version: 18.3.7 Version: 18.3.8 Version: 18.3.6.1 Version: 18.3.1 Version: 18.3.0 Version: 18.4.0.1 Version: 18.4.3 Version: 18.4.302 Version: 18.4.303 Version: 18.4.4 Version: 18.4.5 Version: 18.4.0 Version: 18.4.1 Version: 18.4.6 Version: 19.2.0 Version: 19.2.097 Version: 19.2.099 Version: 19.2.1 Version: 19.2.2 Version: 19.2.3 Version: 19.2.31 Version: 19.2.929 Version: 19.2.4 Version: 20.1.1.1 Version: 20.1.12 Version: 20.1.1 Version: 20.1.2 Version: 20.1.3 Version: 19.3.0 Version: 19.1.0 Version: 18.2.0 Version: 20.3.1 Version: 20.3.2 Version: 20.3.2.1 Version: 20.3.3 Version: 20.3.3.1 Version: 20.3.4 Version: 20.3.4.1 Version: 20.3.4.2 Version: 20.3.5 Version: 20.3.6 Version: 20.3.7 Version: 20.3.7.1 Version: 20.3.4.3 Version: 20.3.5.1 Version: 20.3.7.2 Version: 20.3.8 Version: 20.4.1 Version: 20.4.1.1 Version: 20.4.1.2 Version: 20.4.2 Version: 20.4.2.2 Version: 20.4.2.1 Version: 20.4.2.3 Version: 20.5.1 Version: 20.5.1.2 Version: 20.5.1.1 Version: 20.6.1 Version: 20.6.1.1 Version: 20.6.2.1 Version: 20.6.2.2 Version: 20.6.2 Version: 20.6.3 Version: 20.6.3.1 Version: 20.6.4 Version: 20.6.5 Version: 20.6.5.1 Version: 20.6.5.3 Version: 20.6.1.2 Version: 20.6.3.2 Version: 20.6.4.1 Version: 20.6.5.2 Version: 20.6.5.4 Version: 20.6.3.3 Version: 20.6.4.2 Version: 20.6.3.0.45 Version: 20.6.3.0.46 Version: 20.6.3.0.47 Version: 20.6.3.4 Version: 20.6.4.0.21 Version: 20.6.5.1.10 Version: 20.6.5.1.11 Version: 20.6.5.1.7 Version: 20.6.5.1.9 Version: 20.6.5.2.4 Version: 20.6.5.5 Version: 20.6.5.2.8 Version: 20.6.5.1.13 Version: 20.6.6 Version: 20.6.7 Version: 20.6.8 Version: 20.7.1 Version: 20.7.1.1 Version: 20.7.2 Version: 20.8.1 Version: 20.9.1 Version: 20.9.2 Version: 20.9.2.1 Version: 20.9.3 Version: 20.9.3.1 Version: 20.9.2.3 Version: 20.9.3.0.12 Version: 20.9.3.0.16 Version: 20.9.3.0.17 Version: 20.9.3.0.18 Version: 20.9.3.0.20 Version: 20.9.3.0.21 Version: 20.9.3.2 Version: 20.9.3.2_LI_Images Version: 20.9.4 Version: 20.9.4_LI_Images Version: 20.9.3.0.23 Version: 20.9.4.1 Version: 20.9.5 Version: 20.9.5.1 Version: 20.9.5.2 Version: 20.9.6 Version: 20.9.5.3 Version: 20.9.7 Version: 20.9.7.1 Version: 20.9.8 Version: 20.10.1 Version: 20.10.1.1 Version: 20.10.1.2 Version: 20.11.1 Version: 20.11.1.1 Version: 20.11.1.2 Version: 20.12.1 Version: 20.12.1_LI_Images Version: 20.12.2 Version: 20.12.3 Version: 20.12.3.1 Version: 20.12.4 Version: 20.12.4.1 Version: 20.12.5 Version: 20.12.5.1 Version: 20.12.5.2 Version: 20.12.6 Version: 20.13.1 Version: 20.14.1 Version: 20.15.1 Version: 20.15.2 Version: 20.15.3 Version: 20.15.3.1 Version: 20.15.4 Version: 20.15.4.1 Version: 20.16.1 Version: 20.18.1 Version: 20.18.2 |
CISA Known Exploited Vulnerability
Data from the CISA Known Exploited Vulnerabilities Catalog
Date added: 2026-04-20
Due date: 2026-04-23
Required action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.
Used in ransomware: Unknown
Notes: CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v ; https://nvd.nist.gov/vuln/detail/CVE-2026-20133
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20133",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-22T13:54:59.090766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-04-20",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20133"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-22T13:55:06.357Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20133"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Catalyst SD-WAN Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "17.2.6"
},
{
"status": "affected",
"version": "17.2.7"
},
{
"status": "affected",
"version": "17.2.8"
},
{
"status": "affected",
"version": "17.2.9"
},
{
"status": "affected",
"version": "17.2.10"
},
{
"status": "affected",
"version": "17.2.4"
},
{
"status": "affected",
"version": "17.2.5"
},
{
"status": "affected",
"version": "18.3.1.1"
},
{
"status": "affected",
"version": "18.3.3.1"
},
{
"status": "affected",
"version": "18.3.3"
},
{
"status": "affected",
"version": "18.3.4"
},
{
"status": "affected",
"version": "18.3.5"
},
{
"status": "affected",
"version": "18.3.7"
},
{
"status": "affected",
"version": "18.3.8"
},
{
"status": "affected",
"version": "18.3.6.1"
},
{
"status": "affected",
"version": "18.3.1"
},
{
"status": "affected",
"version": "18.3.0"
},
{
"status": "affected",
"version": "18.4.0.1"
},
{
"status": "affected",
"version": "18.4.3"
},
{
"status": "affected",
"version": "18.4.302"
},
{
"status": "affected",
"version": "18.4.303"
},
{
"status": "affected",
"version": "18.4.4"
},
{
"status": "affected",
"version": "18.4.5"
},
{
"status": "affected",
"version": "18.4.0"
},
{
"status": "affected",
"version": "18.4.1"
},
{
"status": "affected",
"version": "18.4.6"
},
{
"status": "affected",
"version": "19.2.0"
},
{
"status": "affected",
"version": "19.2.097"
},
{
"status": "affected",
"version": "19.2.099"
},
{
"status": "affected",
"version": "19.2.1"
},
{
"status": "affected",
"version": "19.2.2"
},
{
"status": "affected",
"version": "19.2.3"
},
{
"status": "affected",
"version": "19.2.31"
},
{
"status": "affected",
"version": "19.2.929"
},
{
"status": "affected",
"version": "19.2.4"
},
{
"status": "affected",
"version": "20.1.1.1"
},
{
"status": "affected",
"version": "20.1.12"
},
{
"status": "affected",
"version": "20.1.1"
},
{
"status": "affected",
"version": "20.1.2"
},
{
"status": "affected",
"version": "20.1.3"
},
{
"status": "affected",
"version": "19.3.0"
},
{
"status": "affected",
"version": "19.1.0"
},
{
"status": "affected",
"version": "18.2.0"
},
{
"status": "affected",
"version": "20.3.1"
},
{
"status": "affected",
"version": "20.3.2"
},
{
"status": "affected",
"version": "20.3.2.1"
},
{
"status": "affected",
"version": "20.3.3"
},
{
"status": "affected",
"version": "20.3.3.1"
},
{
"status": "affected",
"version": "20.3.4"
},
{
"status": "affected",
"version": "20.3.4.1"
},
{
"status": "affected",
"version": "20.3.4.2"
},
{
"status": "affected",
"version": "20.3.5"
},
{
"status": "affected",
"version": "20.3.6"
},
{
"status": "affected",
"version": "20.3.7"
},
{
"status": "affected",
"version": "20.3.7.1"
},
{
"status": "affected",
"version": "20.3.4.3"
},
{
"status": "affected",
"version": "20.3.5.1"
},
{
"status": "affected",
"version": "20.3.7.2"
},
{
"status": "affected",
"version": "20.3.8"
},
{
"status": "affected",
"version": "20.4.1"
},
{
"status": "affected",
"version": "20.4.1.1"
},
{
"status": "affected",
"version": "20.4.1.2"
},
{
"status": "affected",
"version": "20.4.2"
},
{
"status": "affected",
"version": "20.4.2.2"
},
{
"status": "affected",
"version": "20.4.2.1"
},
{
"status": "affected",
"version": "20.4.2.3"
},
{
"status": "affected",
"version": "20.5.1"
},
{
"status": "affected",
"version": "20.5.1.2"
},
{
"status": "affected",
"version": "20.5.1.1"
},
{
"status": "affected",
"version": "20.6.1"
},
{
"status": "affected",
"version": "20.6.1.1"
},
{
"status": "affected",
"version": "20.6.2.1"
},
{
"status": "affected",
"version": "20.6.2.2"
},
{
"status": "affected",
"version": "20.6.2"
},
{
"status": "affected",
"version": "20.6.3"
},
{
"status": "affected",
"version": "20.6.3.1"
},
{
"status": "affected",
"version": "20.6.4"
},
{
"status": "affected",
"version": "20.6.5"
},
{
"status": "affected",
"version": "20.6.5.1"
},
{
"status": "affected",
"version": "20.6.5.3"
},
{
"status": "affected",
"version": "20.6.1.2"
},
{
"status": "affected",
"version": "20.6.3.2"
},
{
"status": "affected",
"version": "20.6.4.1"
},
{
"status": "affected",
"version": "20.6.5.2"
},
{
"status": "affected",
"version": "20.6.5.4"
},
{
"status": "affected",
"version": "20.6.3.3"
},
{
"status": "affected",
"version": "20.6.4.2"
},
{
"status": "affected",
"version": "20.6.3.0.45"
},
{
"status": "affected",
"version": "20.6.3.0.46"
},
{
"status": "affected",
"version": "20.6.3.0.47"
},
{
"status": "affected",
"version": "20.6.3.4"
},
{
"status": "affected",
"version": "20.6.4.0.21"
},
{
"status": "affected",
"version": "20.6.5.1.10"
},
{
"status": "affected",
"version": "20.6.5.1.11"
},
{
"status": "affected",
"version": "20.6.5.1.7"
},
{
"status": "affected",
"version": "20.6.5.1.9"
},
{
"status": "affected",
"version": "20.6.5.2.4"
},
{
"status": "affected",
"version": "20.6.5.5"
},
{
"status": "affected",
"version": "20.6.5.2.8"
},
{
"status": "affected",
"version": "20.6.5.1.13"
},
{
"status": "affected",
"version": "20.6.6"
},
{
"status": "affected",
"version": "20.6.7"
},
{
"status": "affected",
"version": "20.6.8"
},
{
"status": "affected",
"version": "20.7.1"
},
{
"status": "affected",
"version": "20.7.1.1"
},
{
"status": "affected",
"version": "20.7.2"
},
{
"status": "affected",
"version": "20.8.1"
},
{
"status": "affected",
"version": "20.9.1"
},
{
"status": "affected",
"version": "20.9.2"
},
{
"status": "affected",
"version": "20.9.2.1"
},
{
"status": "affected",
"version": "20.9.3"
},
{
"status": "affected",
"version": "20.9.3.1"
},
{
"status": "affected",
"version": "20.9.2.3"
},
{
"status": "affected",
"version": "20.9.3.0.12"
},
{
"status": "affected",
"version": "20.9.3.0.16"
},
{
"status": "affected",
"version": "20.9.3.0.17"
},
{
"status": "affected",
"version": "20.9.3.0.18"
},
{
"status": "affected",
"version": "20.9.3.0.20"
},
{
"status": "affected",
"version": "20.9.3.0.21"
},
{
"status": "affected",
"version": "20.9.3.2"
},
{
"status": "affected",
"version": "20.9.3.2_LI_Images"
},
{
"status": "affected",
"version": "20.9.4"
},
{
"status": "affected",
"version": "20.9.4_LI_Images"
},
{
"status": "affected",
"version": "20.9.3.0.23"
},
{
"status": "affected",
"version": "20.9.4.1"
},
{
"status": "affected",
"version": "20.9.5"
},
{
"status": "affected",
"version": "20.9.5.1"
},
{
"status": "affected",
"version": "20.9.5.2"
},
{
"status": "affected",
"version": "20.9.6"
},
{
"status": "affected",
"version": "20.9.5.3"
},
{
"status": "affected",
"version": "20.9.7"
},
{
"status": "affected",
"version": "20.9.7.1"
},
{
"status": "affected",
"version": "20.9.8"
},
{
"status": "affected",
"version": "20.10.1"
},
{
"status": "affected",
"version": "20.10.1.1"
},
{
"status": "affected",
"version": "20.10.1.2"
},
{
"status": "affected",
"version": "20.11.1"
},
{
"status": "affected",
"version": "20.11.1.1"
},
{
"status": "affected",
"version": "20.11.1.2"
},
{
"status": "affected",
"version": "20.12.1"
},
{
"status": "affected",
"version": "20.12.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.2"
},
{
"status": "affected",
"version": "20.12.3"
},
{
"status": "affected",
"version": "20.12.3.1"
},
{
"status": "affected",
"version": "20.12.4"
},
{
"status": "affected",
"version": "20.12.4.1"
},
{
"status": "affected",
"version": "20.12.5"
},
{
"status": "affected",
"version": "20.12.5.1"
},
{
"status": "affected",
"version": "20.12.5.2"
},
{
"status": "affected",
"version": "20.12.6"
},
{
"status": "affected",
"version": "20.13.1"
},
{
"status": "affected",
"version": "20.14.1"
},
{
"status": "affected",
"version": "20.15.1"
},
{
"status": "affected",
"version": "20.15.2"
},
{
"status": "affected",
"version": "20.15.3"
},
{
"status": "affected",
"version": "20.15.3.1"
},
{
"status": "affected",
"version": "20.15.4"
},
{
"status": "affected",
"version": "20.15.4.1"
},
{
"status": "affected",
"version": "20.16.1"
},
{
"status": "affected",
"version": "20.18.1"
},
{
"status": "affected",
"version": "20.18.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system.\r\n\r This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read sensitive information on the underlying operating system."
}
],
"exploits": [
{
"lang": "en",
"value": "In April 2026, the Cisco PSIRT became aware of active exploitation of the vulnerability that is described in CVE-2026-20133. Cisco strongly recommends that customers upgrade to a fixed software release to remediate these vulnerabilities."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-22T15:31:56.704Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sdwan-authbp-qwCX8D4v",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v"
}
],
"source": {
"advisory": "cisco-sa-sdwan-authbp-qwCX8D4v",
"defects": [
"CSCws33583"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20133",
"datePublished": "2026-02-25T16:13:56.017Z",
"dateReserved": "2025-10-08T11:59:15.380Z",
"dateUpdated": "2026-04-22T15:31:56.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2026-20133",
"cwes": "[\"CWE-200\"]",
"dateAdded": "2026-04-20",
"dueDate": "2026-04-23",
"knownRansomwareCampaignUse": "Unknown",
"notes": "CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v ; https://nvd.nist.gov/vuln/detail/CVE-2026-20133",
"product": "Catalyst SD-WAN Manager",
"requiredAction": "Please adhere to CISA\u2019s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA\u2019s Emergency Directive 26-03 (URL listed below in Notes) and CISA\u2019s \u201cHunt \u0026 Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.",
"shortDescription": "Cisco Catalyst SD-WAN Manager contains an exposure of sensitive information to an unauthorized actor vulnerability that could allow remote attackers to view sensitive information on affected systems.",
"vendorProject": "Cisco",
"vulnerabilityName": "Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…