This is the second time this year a threat actor has leveraged a CVSS 10.0 vulnerability in Cisco's network control system.

DR (DZone Research) offers insights into software development trends, industry surveys, and technology adoption patterns, providing reports, whitepapers, and analyst insights to help businesses make informed decisions and stay competitive in the ever-evolving tech landscape. By exploring DR's curated content, developers can gain insights into emerging technologies, developer preferences, and industry best practices for building innovative and market-leading software solutions. Whether you're a startup founder, product manager, or tech executive, DR offers resources to guide your strategic planning and drive business success.

Dark Reading

A critical CVSS 10.0 authentication bypass vulnerability (CVE-2026-20182) in Cisco Catalyst SD-WAN Controllers is being actively exploited in the wild by a threat actor tracked as UAT-8616. This is the second maximum-severity authentication bypass in the same product line this year — the first (CVE-2026-20127) was patched in February, but UAT-8616 quickly pivoted to the new flaw. The vulnerability allows unauthenticated attackers to gain administrative privileges by exploiting improper verification of vHub cloud routers, then access NETCONF to manipulate network configurations and escalate to root. Researchers at Cisco Talos and Rapid7 note the actor's overlap with Chinese ORB networks and possible critical infrastructure targeting. Organizations are urged to apply Cisco's newly released patch immediately.

Maximum Severity Cisco SD-WAN Bug Exploited in the Wild

Hackers Leverage Critical Bugs in Cisco Catalyst

What Might Happen Next to Cisco's Customers