Cisco Patches Sixth SD-WAN Zero-Day Vulnerability in 2026

Cisco has patched a zero-day vulnerability (CVE-2026-20182) in its SD-WAN software, marking the sixth such flaw exploited in 2026. The vulnerability was actively targeted in attacks by a sophisticated threat actor designated UAT-8616. No additional technical details about the exploit or its impact were provided beyond its classification as a zero-day. The patch addresses the vulnerability, though specific affected versions or mitigation steps were not disclosed. The incident underscores ongoing exploitation of SD-WAN vulnerabilities in targeted campaigns.