CVE-2026-20133 (GCVE-0-2026-20133)
Vulnerability from cvelistv5 – Published: 2026-02-25 16:13 – Updated: 2026-04-22 15:31
VLAI?
CISA KEV
Summary
A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system.
This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read sensitive information on the underlying operating system.
Severity ?
6.5 (Medium)
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco Catalyst SD-WAN Manager |
Affected:
17.2.6
Affected: 17.2.7 Affected: 17.2.8 Affected: 17.2.9 Affected: 17.2.10 Affected: 17.2.4 Affected: 17.2.5 Affected: 18.3.1.1 Affected: 18.3.3.1 Affected: 18.3.3 Affected: 18.3.4 Affected: 18.3.5 Affected: 18.3.7 Affected: 18.3.8 Affected: 18.3.6.1 Affected: 18.3.1 Affected: 18.3.0 Affected: 18.4.0.1 Affected: 18.4.3 Affected: 18.4.302 Affected: 18.4.303 Affected: 18.4.4 Affected: 18.4.5 Affected: 18.4.0 Affected: 18.4.1 Affected: 18.4.6 Affected: 19.2.0 Affected: 19.2.097 Affected: 19.2.099 Affected: 19.2.1 Affected: 19.2.2 Affected: 19.2.3 Affected: 19.2.31 Affected: 19.2.929 Affected: 19.2.4 Affected: 20.1.1.1 Affected: 20.1.12 Affected: 20.1.1 Affected: 20.1.2 Affected: 20.1.3 Affected: 19.3.0 Affected: 19.1.0 Affected: 18.2.0 Affected: 20.3.1 Affected: 20.3.2 Affected: 20.3.2.1 Affected: 20.3.3 Affected: 20.3.3.1 Affected: 20.3.4 Affected: 20.3.4.1 Affected: 20.3.4.2 Affected: 20.3.5 Affected: 20.3.6 Affected: 20.3.7 Affected: 20.3.7.1 Affected: 20.3.4.3 Affected: 20.3.5.1 Affected: 20.3.7.2 Affected: 20.3.8 Affected: 20.4.1 Affected: 20.4.1.1 Affected: 20.4.1.2 Affected: 20.4.2 Affected: 20.4.2.2 Affected: 20.4.2.1 Affected: 20.4.2.3 Affected: 20.5.1 Affected: 20.5.1.2 Affected: 20.5.1.1 Affected: 20.6.1 Affected: 20.6.1.1 Affected: 20.6.2.1 Affected: 20.6.2.2 Affected: 20.6.2 Affected: 20.6.3 Affected: 20.6.3.1 Affected: 20.6.4 Affected: 20.6.5 Affected: 20.6.5.1 Affected: 20.6.5.3 Affected: 20.6.1.2 Affected: 20.6.3.2 Affected: 20.6.4.1 Affected: 20.6.5.2 Affected: 20.6.5.4 Affected: 20.6.3.3 Affected: 20.6.4.2 Affected: 20.6.3.0.45 Affected: 20.6.3.0.46 Affected: 20.6.3.0.47 Affected: 20.6.3.4 Affected: 20.6.4.0.21 Affected: 20.6.5.1.10 Affected: 20.6.5.1.11 Affected: 20.6.5.1.7 Affected: 20.6.5.1.9 Affected: 20.6.5.2.4 Affected: 20.6.5.5 Affected: 20.6.5.2.8 Affected: 20.6.5.1.13 Affected: 20.6.6 Affected: 20.6.7 Affected: 20.6.8 Affected: 20.7.1 Affected: 20.7.1.1 Affected: 20.7.2 Affected: 20.8.1 Affected: 20.9.1 Affected: 20.9.2 Affected: 20.9.2.1 Affected: 20.9.3 Affected: 20.9.3.1 Affected: 20.9.2.3 Affected: 20.9.3.0.12 Affected: 20.9.3.0.16 Affected: 20.9.3.0.17 Affected: 20.9.3.0.18 Affected: 20.9.3.0.20 Affected: 20.9.3.0.21 Affected: 20.9.3.2 Affected: 20.9.3.2_LI_Images Affected: 20.9.4 Affected: 20.9.4_LI_Images Affected: 20.9.3.0.23 Affected: 20.9.4.1 Affected: 20.9.5 Affected: 20.9.5.1 Affected: 20.9.5.2 Affected: 20.9.6 Affected: 20.9.5.3 Affected: 20.9.7 Affected: 20.9.7.1 Affected: 20.9.8 Affected: 20.10.1 Affected: 20.10.1.1 Affected: 20.10.1.2 Affected: 20.11.1 Affected: 20.11.1.1 Affected: 20.11.1.2 Affected: 20.12.1 Affected: 20.12.1_LI_Images Affected: 20.12.2 Affected: 20.12.3 Affected: 20.12.3.1 Affected: 20.12.4 Affected: 20.12.4.1 Affected: 20.12.5 Affected: 20.12.5.1 Affected: 20.12.5.2 Affected: 20.12.6 Affected: 20.13.1 Affected: 20.14.1 Affected: 20.15.1 Affected: 20.15.2 Affected: 20.15.3 Affected: 20.15.3.1 Affected: 20.15.4 Affected: 20.15.4.1 Affected: 20.16.1 Affected: 20.18.1 Affected: 20.18.2 |
CISA KEV
Known Exploited Vulnerability - GCVE BCP-07 Compliant
KEV entry ID: 3ce3ea70-a19c-4c91-a7fc-bb080fcc7142
Exploited: Yes
Timestamps
First Seen: 2026-04-20
Asserted: 2026-04-20
Scope
Notes: KEV entry: Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability | Affected: Cisco / Catalyst SD-WAN Manager | Description: Cisco Catalyst SD-WAN Manager contains an exposure of sensitive information to an unauthorized actor vulnerability that could allow remote attackers to view sensitive information on affected systems. | Required action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available. | Due date: 2026-04-23 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v ; https://nvd.nist.gov/vuln/detail/CVE-2026-20133
Evidence
Type: Vendor Report
Signal: Successful Exploitation
Confidence: 80%
Source: cisa-kev
Details
| Cwes | CWE-200 |
|---|---|
| Feed | CISA Known Exploited Vulnerabilities Catalog |
| Product | Catalyst SD-WAN Manager |
| Due Date | 2026-04-23 |
| Date Added | 2026-04-20 |
| Vendorproject | Cisco |
| Vulnerabilityname | Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability |
| Knownransomwarecampaignuse | Unknown |
References
Created: 2026-04-20 20:00 UTC
| Updated: 2026-04-20 20:00 UTC
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-20133",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-22T13:54:59.090766Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2026-04-20",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20133"
},
"type": "kev"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-04-22T13:55:06.357Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20133"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco Catalyst SD-WAN Manager",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "17.2.6"
},
{
"status": "affected",
"version": "17.2.7"
},
{
"status": "affected",
"version": "17.2.8"
},
{
"status": "affected",
"version": "17.2.9"
},
{
"status": "affected",
"version": "17.2.10"
},
{
"status": "affected",
"version": "17.2.4"
},
{
"status": "affected",
"version": "17.2.5"
},
{
"status": "affected",
"version": "18.3.1.1"
},
{
"status": "affected",
"version": "18.3.3.1"
},
{
"status": "affected",
"version": "18.3.3"
},
{
"status": "affected",
"version": "18.3.4"
},
{
"status": "affected",
"version": "18.3.5"
},
{
"status": "affected",
"version": "18.3.7"
},
{
"status": "affected",
"version": "18.3.8"
},
{
"status": "affected",
"version": "18.3.6.1"
},
{
"status": "affected",
"version": "18.3.1"
},
{
"status": "affected",
"version": "18.3.0"
},
{
"status": "affected",
"version": "18.4.0.1"
},
{
"status": "affected",
"version": "18.4.3"
},
{
"status": "affected",
"version": "18.4.302"
},
{
"status": "affected",
"version": "18.4.303"
},
{
"status": "affected",
"version": "18.4.4"
},
{
"status": "affected",
"version": "18.4.5"
},
{
"status": "affected",
"version": "18.4.0"
},
{
"status": "affected",
"version": "18.4.1"
},
{
"status": "affected",
"version": "18.4.6"
},
{
"status": "affected",
"version": "19.2.0"
},
{
"status": "affected",
"version": "19.2.097"
},
{
"status": "affected",
"version": "19.2.099"
},
{
"status": "affected",
"version": "19.2.1"
},
{
"status": "affected",
"version": "19.2.2"
},
{
"status": "affected",
"version": "19.2.3"
},
{
"status": "affected",
"version": "19.2.31"
},
{
"status": "affected",
"version": "19.2.929"
},
{
"status": "affected",
"version": "19.2.4"
},
{
"status": "affected",
"version": "20.1.1.1"
},
{
"status": "affected",
"version": "20.1.12"
},
{
"status": "affected",
"version": "20.1.1"
},
{
"status": "affected",
"version": "20.1.2"
},
{
"status": "affected",
"version": "20.1.3"
},
{
"status": "affected",
"version": "19.3.0"
},
{
"status": "affected",
"version": "19.1.0"
},
{
"status": "affected",
"version": "18.2.0"
},
{
"status": "affected",
"version": "20.3.1"
},
{
"status": "affected",
"version": "20.3.2"
},
{
"status": "affected",
"version": "20.3.2.1"
},
{
"status": "affected",
"version": "20.3.3"
},
{
"status": "affected",
"version": "20.3.3.1"
},
{
"status": "affected",
"version": "20.3.4"
},
{
"status": "affected",
"version": "20.3.4.1"
},
{
"status": "affected",
"version": "20.3.4.2"
},
{
"status": "affected",
"version": "20.3.5"
},
{
"status": "affected",
"version": "20.3.6"
},
{
"status": "affected",
"version": "20.3.7"
},
{
"status": "affected",
"version": "20.3.7.1"
},
{
"status": "affected",
"version": "20.3.4.3"
},
{
"status": "affected",
"version": "20.3.5.1"
},
{
"status": "affected",
"version": "20.3.7.2"
},
{
"status": "affected",
"version": "20.3.8"
},
{
"status": "affected",
"version": "20.4.1"
},
{
"status": "affected",
"version": "20.4.1.1"
},
{
"status": "affected",
"version": "20.4.1.2"
},
{
"status": "affected",
"version": "20.4.2"
},
{
"status": "affected",
"version": "20.4.2.2"
},
{
"status": "affected",
"version": "20.4.2.1"
},
{
"status": "affected",
"version": "20.4.2.3"
},
{
"status": "affected",
"version": "20.5.1"
},
{
"status": "affected",
"version": "20.5.1.2"
},
{
"status": "affected",
"version": "20.5.1.1"
},
{
"status": "affected",
"version": "20.6.1"
},
{
"status": "affected",
"version": "20.6.1.1"
},
{
"status": "affected",
"version": "20.6.2.1"
},
{
"status": "affected",
"version": "20.6.2.2"
},
{
"status": "affected",
"version": "20.6.2"
},
{
"status": "affected",
"version": "20.6.3"
},
{
"status": "affected",
"version": "20.6.3.1"
},
{
"status": "affected",
"version": "20.6.4"
},
{
"status": "affected",
"version": "20.6.5"
},
{
"status": "affected",
"version": "20.6.5.1"
},
{
"status": "affected",
"version": "20.6.5.3"
},
{
"status": "affected",
"version": "20.6.1.2"
},
{
"status": "affected",
"version": "20.6.3.2"
},
{
"status": "affected",
"version": "20.6.4.1"
},
{
"status": "affected",
"version": "20.6.5.2"
},
{
"status": "affected",
"version": "20.6.5.4"
},
{
"status": "affected",
"version": "20.6.3.3"
},
{
"status": "affected",
"version": "20.6.4.2"
},
{
"status": "affected",
"version": "20.6.3.0.45"
},
{
"status": "affected",
"version": "20.6.3.0.46"
},
{
"status": "affected",
"version": "20.6.3.0.47"
},
{
"status": "affected",
"version": "20.6.3.4"
},
{
"status": "affected",
"version": "20.6.4.0.21"
},
{
"status": "affected",
"version": "20.6.5.1.10"
},
{
"status": "affected",
"version": "20.6.5.1.11"
},
{
"status": "affected",
"version": "20.6.5.1.7"
},
{
"status": "affected",
"version": "20.6.5.1.9"
},
{
"status": "affected",
"version": "20.6.5.2.4"
},
{
"status": "affected",
"version": "20.6.5.5"
},
{
"status": "affected",
"version": "20.6.5.2.8"
},
{
"status": "affected",
"version": "20.6.5.1.13"
},
{
"status": "affected",
"version": "20.6.6"
},
{
"status": "affected",
"version": "20.6.7"
},
{
"status": "affected",
"version": "20.6.8"
},
{
"status": "affected",
"version": "20.7.1"
},
{
"status": "affected",
"version": "20.7.1.1"
},
{
"status": "affected",
"version": "20.7.2"
},
{
"status": "affected",
"version": "20.8.1"
},
{
"status": "affected",
"version": "20.9.1"
},
{
"status": "affected",
"version": "20.9.2"
},
{
"status": "affected",
"version": "20.9.2.1"
},
{
"status": "affected",
"version": "20.9.3"
},
{
"status": "affected",
"version": "20.9.3.1"
},
{
"status": "affected",
"version": "20.9.2.3"
},
{
"status": "affected",
"version": "20.9.3.0.12"
},
{
"status": "affected",
"version": "20.9.3.0.16"
},
{
"status": "affected",
"version": "20.9.3.0.17"
},
{
"status": "affected",
"version": "20.9.3.0.18"
},
{
"status": "affected",
"version": "20.9.3.0.20"
},
{
"status": "affected",
"version": "20.9.3.0.21"
},
{
"status": "affected",
"version": "20.9.3.2"
},
{
"status": "affected",
"version": "20.9.3.2_LI_Images"
},
{
"status": "affected",
"version": "20.9.4"
},
{
"status": "affected",
"version": "20.9.4_LI_Images"
},
{
"status": "affected",
"version": "20.9.3.0.23"
},
{
"status": "affected",
"version": "20.9.4.1"
},
{
"status": "affected",
"version": "20.9.5"
},
{
"status": "affected",
"version": "20.9.5.1"
},
{
"status": "affected",
"version": "20.9.5.2"
},
{
"status": "affected",
"version": "20.9.6"
},
{
"status": "affected",
"version": "20.9.5.3"
},
{
"status": "affected",
"version": "20.9.7"
},
{
"status": "affected",
"version": "20.9.7.1"
},
{
"status": "affected",
"version": "20.9.8"
},
{
"status": "affected",
"version": "20.10.1"
},
{
"status": "affected",
"version": "20.10.1.1"
},
{
"status": "affected",
"version": "20.10.1.2"
},
{
"status": "affected",
"version": "20.11.1"
},
{
"status": "affected",
"version": "20.11.1.1"
},
{
"status": "affected",
"version": "20.11.1.2"
},
{
"status": "affected",
"version": "20.12.1"
},
{
"status": "affected",
"version": "20.12.1_LI_Images"
},
{
"status": "affected",
"version": "20.12.2"
},
{
"status": "affected",
"version": "20.12.3"
},
{
"status": "affected",
"version": "20.12.3.1"
},
{
"status": "affected",
"version": "20.12.4"
},
{
"status": "affected",
"version": "20.12.4.1"
},
{
"status": "affected",
"version": "20.12.5"
},
{
"status": "affected",
"version": "20.12.5.1"
},
{
"status": "affected",
"version": "20.12.5.2"
},
{
"status": "affected",
"version": "20.12.6"
},
{
"status": "affected",
"version": "20.13.1"
},
{
"status": "affected",
"version": "20.14.1"
},
{
"status": "affected",
"version": "20.15.1"
},
{
"status": "affected",
"version": "20.15.2"
},
{
"status": "affected",
"version": "20.15.3"
},
{
"status": "affected",
"version": "20.15.3.1"
},
{
"status": "affected",
"version": "20.15.4"
},
{
"status": "affected",
"version": "20.15.4.1"
},
{
"status": "affected",
"version": "20.16.1"
},
{
"status": "affected",
"version": "20.18.1"
},
{
"status": "affected",
"version": "20.18.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system.\r\n\r This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read sensitive information on the underlying operating system."
}
],
"exploits": [
{
"lang": "en",
"value": "In April 2026, the Cisco PSIRT became aware of active exploitation of the vulnerability that is described in CVE-2026-20133. Cisco strongly recommends that customers upgrade to a fixed software release to remediate these vulnerabilities."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-22T15:31:56.704Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-sdwan-authbp-qwCX8D4v",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v"
}
],
"source": {
"advisory": "cisco-sa-sdwan-authbp-qwCX8D4v",
"defects": [
"CSCws33583"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2026-20133",
"datePublished": "2026-02-25T16:13:56.017Z",
"dateReserved": "2025-10-08T11:59:15.380Z",
"dateUpdated": "2026-04-22T15:31:56.704Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"cisa_known_exploited": {
"cveID": "CVE-2026-20133",
"cwes": "[\"CWE-200\"]",
"dateAdded": "2026-04-20",
"dueDate": "2026-04-23",
"knownRansomwareCampaignUse": "Unknown",
"notes": "CISA Mitigation Instructions: https://www.cisa.gov/news-events/directives/ed-26-03-mitigate-vulnerabilities-cisco-sd-wan-systems ; https://www.cisa.gov/news-events/directives/supplemental-direction-ed-26-03-hunt-and-hardening-guidance-cisco-sd-wan-systems ; https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v ; https://nvd.nist.gov/vuln/detail/CVE-2026-20133",
"product": "Catalyst SD-WAN Manager",
"requiredAction": "Please adhere to CISA\u2019s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA\u2019s Emergency Directive 26-03 (URL listed below in Notes) and CISA\u2019s \u201cHunt \u0026 Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.",
"shortDescription": "Cisco Catalyst SD-WAN Manager contains an exposure of sensitive information to an unauthorized actor vulnerability that could allow remote attackers to view sensitive information on affected systems.",
"vendorProject": "Cisco",
"vulnerabilityName": "Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability"
},
"epss": {
"cve": "CVE-2026-20133",
"date": "2026-04-23",
"epss": "0.0139",
"percentile": "0.80409"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-20133\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2026-02-25T17:25:30.983\",\"lastModified\":\"2026-04-22T16:56:21.973\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system.\\r\\n\\r This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read sensitive information on the underlying operating system.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en Cisco Catalyst SD-WAN Manager podr\u00eda permitir a un atacante remoto no autenticado ver informaci\u00f3n sensible en un sistema afectado.\\n\\nEsta vulnerabilidad se debe a restricciones de acceso al sistema de archivos insuficientes. Un atacante podr\u00eda explotar esta vulnerabilidad al acceder a la API de un sistema afectado. Un exploit exitoso podr\u00eda permitir al atacante leer informaci\u00f3n sensible en el sistema operativo subyacente.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"cisaExploitAdd\":\"2026-04-20\",\"cisaActionDue\":\"2026-04-23\",\"cisaRequiredAction\":\"Please adhere to CISA\u2019s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA\u2019s Emergency Directive 26-03 (URL listed below in Notes) and CISA\u2019s \u201cHunt \u0026 Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.\",\"cisaVulnerabilityName\":\"Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerability\",\"weaknesses\":[{\"source\":\"psirt@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"20.9.8.2\",\"matchCriteriaId\":\"0388BD67-C1AD-4E47-8B1A-22EE1634190E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.10\",\"versionEndExcluding\":\"20.12.5.3\",\"matchCriteriaId\":\"ADAB32B5-239D-4DC0-BF30-A6D72ACB3710\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.13\",\"versionEndExcluding\":\"20.15.4.2\",\"matchCriteriaId\":\"D284EA84-6C27-4A9C-BDA2-D1C5BF1F2356\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"20.16\",\"versionEndExcluding\":\"20.18.2.1\",\"matchCriteriaId\":\"B94E1DC2-5DA5-4238-8040-6D524DDEAA4F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.12.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5B6E170-73B8-4838-93B4-AD258F3BCA7C\"}]}]}],\"references\":[{\"url\":\"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20133\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-20133\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-04-22T13:54:59.090766Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2026-04-20\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20133\"}}}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20133\", \"tags\": [\"government-resource\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-02-25T18:17:58.540Z\"}}], \"cna\": {\"source\": {\"defects\": [\"CSCws33583\"], \"advisory\": \"cisco-sa-sdwan-authbp-qwCX8D4v\", \"discovery\": \"INTERNAL\"}, \"metrics\": [{\"format\": \"cvssV3_1\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"Cisco\", \"product\": \"Cisco Catalyst SD-WAN Manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"17.2.6\"}, {\"status\": \"affected\", \"version\": \"17.2.7\"}, {\"status\": \"affected\", \"version\": \"17.2.8\"}, {\"status\": \"affected\", \"version\": \"17.2.9\"}, {\"status\": \"affected\", \"version\": \"17.2.10\"}, {\"status\": \"affected\", \"version\": \"17.2.4\"}, {\"status\": \"affected\", \"version\": \"17.2.5\"}, {\"status\": \"affected\", \"version\": \"18.3.1.1\"}, {\"status\": \"affected\", \"version\": \"18.3.3.1\"}, {\"status\": \"affected\", \"version\": \"18.3.3\"}, {\"status\": \"affected\", \"version\": \"18.3.4\"}, {\"status\": \"affected\", \"version\": \"18.3.5\"}, {\"status\": \"affected\", \"version\": \"18.3.7\"}, {\"status\": \"affected\", \"version\": \"18.3.8\"}, {\"status\": \"affected\", \"version\": \"18.3.6.1\"}, {\"status\": \"affected\", \"version\": \"18.3.1\"}, {\"status\": \"affected\", \"version\": \"18.3.0\"}, {\"status\": \"affected\", \"version\": \"18.4.0.1\"}, {\"status\": \"affected\", \"version\": \"18.4.3\"}, {\"status\": \"affected\", \"version\": \"18.4.302\"}, {\"status\": \"affected\", \"version\": \"18.4.303\"}, {\"status\": \"affected\", \"version\": \"18.4.4\"}, {\"status\": \"affected\", \"version\": \"18.4.5\"}, {\"status\": \"affected\", \"version\": \"18.4.0\"}, {\"status\": \"affected\", \"version\": \"18.4.1\"}, {\"status\": \"affected\", \"version\": \"18.4.6\"}, {\"status\": \"affected\", \"version\": \"19.2.0\"}, {\"status\": \"affected\", \"version\": \"19.2.097\"}, {\"status\": \"affected\", \"version\": \"19.2.099\"}, {\"status\": \"affected\", \"version\": \"19.2.1\"}, {\"status\": \"affected\", \"version\": \"19.2.2\"}, {\"status\": \"affected\", \"version\": \"19.2.3\"}, {\"status\": \"affected\", \"version\": \"19.2.31\"}, {\"status\": \"affected\", \"version\": \"19.2.929\"}, {\"status\": \"affected\", \"version\": \"19.2.4\"}, {\"status\": \"affected\", \"version\": \"20.1.1.1\"}, {\"status\": \"affected\", \"version\": \"20.1.12\"}, {\"status\": \"affected\", \"version\": \"20.1.1\"}, {\"status\": \"affected\", \"version\": \"20.1.2\"}, {\"status\": \"affected\", \"version\": \"20.1.3\"}, {\"status\": \"affected\", \"version\": \"19.3.0\"}, {\"status\": \"affected\", \"version\": \"19.1.0\"}, {\"status\": \"affected\", \"version\": \"18.2.0\"}, {\"status\": \"affected\", \"version\": \"20.3.1\"}, {\"status\": \"affected\", \"version\": \"20.3.2\"}, {\"status\": \"affected\", \"version\": \"20.3.2.1\"}, {\"status\": \"affected\", \"version\": \"20.3.3\"}, {\"status\": \"affected\", \"version\": \"20.3.3.1\"}, {\"status\": \"affected\", \"version\": \"20.3.4\"}, {\"status\": \"affected\", \"version\": \"20.3.4.1\"}, {\"status\": \"affected\", \"version\": \"20.3.4.2\"}, {\"status\": \"affected\", \"version\": \"20.3.5\"}, {\"status\": \"affected\", \"version\": \"20.3.6\"}, {\"status\": \"affected\", \"version\": \"20.3.7\"}, {\"status\": \"affected\", \"version\": \"20.3.7.1\"}, {\"status\": \"affected\", \"version\": \"20.3.4.3\"}, {\"status\": \"affected\", \"version\": \"20.3.5.1\"}, {\"status\": \"affected\", \"version\": \"20.3.7.2\"}, {\"status\": \"affected\", \"version\": \"20.3.8\"}, {\"status\": \"affected\", \"version\": \"20.4.1\"}, {\"status\": \"affected\", \"version\": \"20.4.1.1\"}, {\"status\": \"affected\", \"version\": \"20.4.1.2\"}, {\"status\": \"affected\", \"version\": \"20.4.2\"}, {\"status\": \"affected\", \"version\": \"20.4.2.2\"}, {\"status\": \"affected\", \"version\": \"20.4.2.1\"}, {\"status\": \"affected\", \"version\": \"20.4.2.3\"}, {\"status\": \"affected\", \"version\": \"20.5.1\"}, {\"status\": \"affected\", \"version\": \"20.5.1.2\"}, {\"status\": \"affected\", \"version\": \"20.5.1.1\"}, {\"status\": \"affected\", \"version\": \"20.6.1\"}, {\"status\": \"affected\", \"version\": \"20.6.1.1\"}, {\"status\": \"affected\", \"version\": \"20.6.2.1\"}, {\"status\": \"affected\", \"version\": \"20.6.2.2\"}, {\"status\": \"affected\", \"version\": \"20.6.2\"}, {\"status\": \"affected\", \"version\": \"20.6.3\"}, {\"status\": \"affected\", \"version\": \"20.6.3.1\"}, {\"status\": \"affected\", \"version\": \"20.6.4\"}, {\"status\": \"affected\", \"version\": \"20.6.5\"}, {\"status\": \"affected\", \"version\": \"20.6.5.1\"}, {\"status\": \"affected\", \"version\": \"20.6.5.3\"}, {\"status\": \"affected\", \"version\": \"20.6.1.2\"}, {\"status\": \"affected\", \"version\": \"20.6.3.2\"}, {\"status\": \"affected\", \"version\": \"20.6.4.1\"}, {\"status\": \"affected\", \"version\": \"20.6.5.2\"}, {\"status\": \"affected\", \"version\": \"20.6.5.4\"}, {\"status\": \"affected\", \"version\": \"20.6.3.3\"}, {\"status\": \"affected\", \"version\": \"20.6.4.2\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.45\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.46\"}, {\"status\": \"affected\", \"version\": \"20.6.3.0.47\"}, {\"status\": \"affected\", \"version\": \"20.6.3.4\"}, {\"status\": \"affected\", \"version\": \"20.6.4.0.21\"}, {\"status\": \"affected\", \"version\": \"20.6.5.1.10\"}, {\"status\": \"affected\", \"version\": \"20.6.5.1.11\"}, {\"status\": \"affected\", \"version\": \"20.6.5.1.7\"}, {\"status\": \"affected\", \"version\": \"20.6.5.1.9\"}, {\"status\": \"affected\", \"version\": \"20.6.5.2.4\"}, {\"status\": \"affected\", \"version\": \"20.6.5.5\"}, {\"status\": \"affected\", \"version\": \"20.6.5.2.8\"}, {\"status\": \"affected\", \"version\": \"20.6.5.1.13\"}, {\"status\": \"affected\", \"version\": \"20.6.6\"}, {\"status\": \"affected\", \"version\": \"20.6.7\"}, {\"status\": \"affected\", \"version\": \"20.6.8\"}, {\"status\": \"affected\", \"version\": \"20.7.1\"}, {\"status\": \"affected\", \"version\": \"20.7.1.1\"}, {\"status\": \"affected\", \"version\": \"20.7.2\"}, {\"status\": \"affected\", \"version\": \"20.8.1\"}, {\"status\": \"affected\", \"version\": \"20.9.1\"}, {\"status\": \"affected\", \"version\": \"20.9.2\"}, {\"status\": \"affected\", \"version\": \"20.9.2.1\"}, {\"status\": \"affected\", \"version\": \"20.9.3\"}, {\"status\": \"affected\", \"version\": \"20.9.3.1\"}, {\"status\": \"affected\", \"version\": \"20.9.2.3\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.12\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.16\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.17\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.18\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.20\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.21\"}, {\"status\": \"affected\", \"version\": \"20.9.3.2\"}, {\"status\": \"affected\", \"version\": \"20.9.3.2_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.9.4\"}, {\"status\": \"affected\", \"version\": \"20.9.4_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.9.3.0.23\"}, {\"status\": \"affected\", \"version\": \"20.9.4.1\"}, {\"status\": \"affected\", \"version\": \"20.9.5\"}, {\"status\": \"affected\", \"version\": \"20.9.5.1\"}, {\"status\": \"affected\", \"version\": \"20.9.5.2\"}, {\"status\": \"affected\", \"version\": \"20.9.6\"}, {\"status\": \"affected\", \"version\": \"20.9.5.3\"}, {\"status\": \"affected\", \"version\": \"20.9.7\"}, {\"status\": \"affected\", \"version\": \"20.9.7.1\"}, {\"status\": \"affected\", \"version\": \"20.9.8\"}, {\"status\": \"affected\", \"version\": \"20.10.1\"}, {\"status\": \"affected\", \"version\": \"20.10.1.1\"}, {\"status\": \"affected\", \"version\": \"20.10.1.2\"}, {\"status\": \"affected\", \"version\": \"20.11.1\"}, {\"status\": \"affected\", \"version\": \"20.11.1.1\"}, {\"status\": \"affected\", \"version\": \"20.11.1.2\"}, {\"status\": \"affected\", \"version\": \"20.12.1\"}, {\"status\": \"affected\", \"version\": \"20.12.1_LI_Images\"}, {\"status\": \"affected\", \"version\": \"20.12.2\"}, {\"status\": \"affected\", \"version\": \"20.12.3\"}, {\"status\": \"affected\", \"version\": \"20.12.3.1\"}, {\"status\": \"affected\", \"version\": \"20.12.4\"}, {\"status\": \"affected\", \"version\": \"20.12.4.1\"}, {\"status\": \"affected\", \"version\": \"20.12.5\"}, {\"status\": \"affected\", \"version\": \"20.12.5.1\"}, {\"status\": \"affected\", \"version\": \"20.12.5.2\"}, {\"status\": \"affected\", \"version\": \"20.12.6\"}, {\"status\": \"affected\", \"version\": \"20.13.1\"}, {\"status\": \"affected\", \"version\": \"20.14.1\"}, {\"status\": \"affected\", \"version\": \"20.15.1\"}, {\"status\": \"affected\", \"version\": \"20.15.2\"}, {\"status\": \"affected\", \"version\": \"20.15.3\"}, {\"status\": \"affected\", \"version\": \"20.15.3.1\"}, {\"status\": \"affected\", \"version\": \"20.15.4\"}, {\"status\": \"affected\", \"version\": \"20.15.4.1\"}, {\"status\": \"affected\", \"version\": \"20.16.1\"}, {\"status\": \"affected\", \"version\": \"20.18.1\"}, {\"status\": \"affected\", \"version\": \"20.18.2\"}]}], \"exploits\": [{\"lang\": \"en\", \"value\": \"In April 2026, the Cisco PSIRT became aware of active exploitation of the vulnerability that is described in CVE-2026-20133. Cisco strongly recommends that customers upgrade to a fixed software release to remediate these vulnerabilities.\"}], \"references\": [{\"url\": \"https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-authbp-qwCX8D4v\", \"name\": \"cisco-sa-sdwan-authbp-qwCX8D4v\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system.\\r\\n\\r This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read sensitive information on the underlying operating system.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"cwe\", \"cweId\": \"CWE-200\", \"description\": \"Exposure of Sensitive Information to an Unauthorized Actor\"}]}], \"providerMetadata\": {\"orgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"shortName\": \"cisco\", \"dateUpdated\": \"2026-04-22T15:31:56.704Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-20133\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-04-22T15:31:56.704Z\", \"dateReserved\": \"2025-10-08T11:59:15.380Z\", \"assignerOrgId\": \"d1c1063e-7a18-46af-9102-31f8928bc633\", \"datePublished\": \"2026-02-25T16:13:56.017Z\", \"assignerShortName\": \"cisco\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…