CVE-2026-20128

⚠ KEVEPSS 0.07%

Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability

Added to CISA KEV: 4/20/2026

Description

Cisco Catalyst SD-WAN Manager contains a storing passwords in a recoverable format vulnerability that allows an authenticated, local attacker to gain DCA user privileges by accessing a credential file for the DCA user on the filesystem as a low-privileged user.

Affected packages (0)

No package mapping in OSV.