【資安漏洞預警】Cisco Catalyst SD-WAN 存在重大資安漏洞(CVE-2026-20182)
[Security Vulnerability Alert] Cisco Catalyst SD-WAN has a critical cybersecurity vulnerability (CVE-2026-20182)

發布單位:圖資處數位服務組
日期範圍:2026/5/18 ~ 2026/11/18
 
發布單位:圖資處數位服務組
日期範圍:2026/5/18 ~ 2026/11/18
行政 行政公告
全體

轉發 台灣電腦網路危機處理暨協調中心 資安訊息警訊 TWCERTCC-200-202605-00000011

[內容說明]
Cisco Catalyst SD-WAN 是 Cisco 以雲端為中心的軟體定義廣域網路架構,提供集中管理、安全加密及應用效能優化,確保多雲環境的可靠連線,近日Cisco發布重大資安公告。
【CVE-2026-20182,CVSS:10.0】 此漏洞存在於Cisco Catalyst SD-WAN Controller (formerly vSmart) 與 Catalyst SD-WAN Manager (formerly vManage),允許遠端攻擊者發送特製請求繞過身分驗證,取得內部高權限帳號 (non-root)。
攻擊者後續可利用高權限帳號存取 NETCONF,修改 SD-WAN 網路架構配置,建立惡意網路節點並深入攻擊企業/組織網路。
註:Cisco Catalyst SD-WAN Controller (formerly vSmart) 與 Cisco Catalyst SD-WAN Manager (formerly vManage) 已被發現積極利用於攻擊活動,請儘速採取應變措施。

[影響平台]
Cisco Catalyst SD-WAN On-Prem Deployment、Cisco SD-WAN Cloud-Pro、Cisco SD-WAN Cloud (Cisco Managed)、Cisco SD-WAN for Government (FedRAMP)

[建議措施]
根據官方網站釋出的解決方式進行修補:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW

Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202605-00000011

[Content Description]
Cisco Catalyst SD-WAN is Cisco's cloud-centric software-defined wide area network (SD-WAN) architecture, providing centralized management, security encryption, and application performance optimization to ensure reliable connectivity in multi-cloud environments. Cisco recently released a major cybersecurity advisory.

【CVE-2026-20182, CVSS: 10.0】 This vulnerability exists in the Cisco Catalyst SD-WAN Controller (formerly vSmart) and Catalyst SD-WAN Manager (formerly vManage), allowing remote attackers to send specially crafted requests to bypass authentication and gain access to a high-privilege (non-root) internal account.

Attackers can then use this high-privilege account to access NETCONF, modify SD-WAN network configurations, establish malicious network nodes, and conduct in-depth attacks on enterprise/organizational networks. Note: Cisco Catalyst SD-WAN Controller (formerly vSmart) and Cisco Catalyst SD-WAN Manager (formerly vManage) have been found to be actively used in attack campaigns. Please take immediate action.

[Affected Platforms]
Cisco Catalyst SD-WAN On-Prem Deployment, Cisco SD-WAN Cloud-Pro, Cisco SD-WAN Cloud (Cisco Managed), Cisco SD-WAN for Government (FedRAMP)

[Recommended Actions]
Patch according to the solutions released on the official website:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW


相關附件
system_update_alt官方網站
【返回上頁】
Top↑