Synced 16 Jun 2026 15:24 UTC Account
← All products

CVE-2022-20775

HIGH severity · CVSS 7.8 · CWE-25 · actively exploited (CISA KEV)
7.8CVSS HIGH exploited
Actively exploited in the wild (CISA Known Exploited Vulnerabilities). Added to KEV 2026-02-25. US federal agencies must patch by 2026-02-27.

Summary

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF

Impact & exploitability

Attack vectorLocal
Attack complexityLow
Privileges requiredLow
User interactionNone
Confidentiality impactHigh
Integrity impactHigh
Availability impactHigh
Exploit probability (EPSS)12%

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products we track (1)

Catalyst SD-WAN Manager

Recommendation

This vulnerability is being actively exploited in the wild — patch affected products urgently. Open any affected product above for its exact safe version.

Additional information