Zero-Day Vulnerability in Cisco’s SD-WAN Systems Actively Exploited

A zero-day vulnerability in Cisco’s SD-WAN systems is actively being exploited by a persistent threat group, which is also linked to recent attacks targeting the vendor’s firewalls. The same group has been associated with previously disclosed vulnerabilities in Cisco’s products, though no specific CVE IDs or technical details of the zero-day were provided. The attacks are ongoing, indicating sustained malicious activity against Cisco infrastructure. No exact timeline, affected versions, or impacted regions were disclosed in the report. The focus is on the exploitation of SD-WAN and firewall systems by the threat actor.