Cisco SD-WAN Manager: Unauth Remote API Access Enables OS Info Leak
CVE-2026-20133 Published on February 25, 2026
A vulnerability in Cisco Catalyst SD-WAN Software could allow an unauthenticated, remote attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerability by accessing the vshell of an affected system. A successful exploit could allow the attacker to read sensitive information on the underlying operating system.
Known Exploited Vulnerability
This Cisco Catalyst SD-WAN Manager Exposure of Sensitive Information to an Unauthorized Actor Vulnerabili vulnerability is part of CISA's list of Known Exploited Vulnerabilities. Cisco Catalyst SD-WAN Manager contains an exposure of sensitive information to an unauthorized actor vulnerability that could allow remote attackers to view sensitive information on affected systems.
The following remediation steps are recommended / required by April 23, 2026: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (
Vulnerability Analysis
CVE-2026-20133 can be exploited with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. This vulnerability is known to be actively exploited by threat actors. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.
Weakness Type
What is an Information Disclosure Vulnerability?
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
CVE-2026-20133 has been classified to as an Information Disclosure vulnerability or weakness.
Products Associated with CVE-2026-20133
Want to know whenever a new CVE is published for Cisco Catalyst Sd Wan Manager? stack.watch will email you.
Affected Versions
Cisco Catalyst SD-WAN Manager:- Version 17.2.6 is affected.
- Version 17.2.7 is affected.
- Version 17.2.8 is affected.
- Version 17.2.9 is affected.
- Version 17.2.10 is affected.
- Version 17.2.4 is affected.
- Version 17.2.5 is affected.
- Version 18.3.1.1 is affected.
- Version 18.3.3.1 is affected.
- Version 18.3.3 is affected.
- Version 18.3.4 is affected.
- Version 18.3.5 is affected.
- Version 18.3.7 is affected.
- Version 18.3.8 is affected.
- Version 18.3.6.1 is affected.
- Version 18.3.1 is affected.
- Version 18.3.0 is affected.
- Version 18.4.0.1 is affected.
- Version 18.4.3 is affected.
- Version 18.4.302 is affected.
- Version 18.4.303 is affected.
- Version 18.4.4 is affected.
- Version 18.4.5 is affected.
- Version 18.4.0 is affected.
- Version 18.4.1 is affected.
- Version 18.4.6 is affected.
- Version 19.2.0 is affected.
- Version 19.2.097 is affected.
- Version 19.2.099 is affected.
- Version 19.2.1 is affected.
- Version 19.2.2 is affected.
- Version 19.2.3 is affected.
- Version 19.2.31 is affected.
- Version 19.2.929 is affected.
- Version 19.2.4 is affected.
- Version 20.1.1.1 is affected.
- Version 20.1.12 is affected.
- Version 20.1.1 is affected.
- Version 20.1.2 is affected.
- Version 20.1.3 is affected.
- Version 19.3.0 is affected.
- Version 19.1.0 is affected.
- Version 18.2.0 is affected.
- Version 20.3.1 is affected.
- Version 20.3.2 is affected.
- Version 20.3.2.1 is affected.
- Version 20.3.3 is affected.
- Version 20.3.3.1 is affected.
- Version 20.3.4 is affected.
- Version 20.3.4.1 is affected.
- Version 20.3.4.2 is affected.
- Version 20.3.5 is affected.
- Version 20.3.6 is affected.
- Version 20.3.7 is affected.
- Version 20.3.7.1 is affected.
- Version 20.3.4.3 is affected.
- Version 20.3.5.1 is affected.
- Version 20.3.7.2 is affected.
- Version 20.3.8 is affected.
- Version 20.4.1 is affected.
- Version 20.4.1.1 is affected.
- Version 20.4.1.2 is affected.
- Version 20.4.2 is affected.
- Version 20.4.2.2 is affected.
- Version 20.4.2.1 is affected.
- Version 20.4.2.3 is affected.
- Version 20.5.1 is affected.
- Version 20.5.1.2 is affected.
- Version 20.5.1.1 is affected.
- Version 20.6.1 is affected.
- Version 20.6.1.1 is affected.
- Version 20.6.2.1 is affected.
- Version 20.6.2.2 is affected.
- Version 20.6.2 is affected.
- Version 20.6.3 is affected.
- Version 20.6.3.1 is affected.
- Version 20.6.4 is affected.
- Version 20.6.5 is affected.
- Version 20.6.5.1 is affected.
- Version 20.6.5.3 is affected.
- Version 20.6.1.2 is affected.
- Version 20.6.3.2 is affected.
- Version 20.6.4.1 is affected.
- Version 20.6.5.2 is affected.
- Version 20.6.5.4 is affected.
- Version 20.6.3.3 is affected.
- Version 20.6.4.2 is affected.
- Version 20.6.3.0.45 is affected.
- Version 20.6.3.0.46 is affected.
- Version 20.6.3.0.47 is affected.
- Version 20.6.3.4 is affected.
- Version 20.6.4.0.21 is affected.
- Version 20.6.5.1.10 is affected.
- Version 20.6.5.1.11 is affected.
- Version 20.6.5.1.7 is affected.
- Version 20.6.5.1.9 is affected.
- Version 20.6.5.2.4 is affected.
- Version 20.6.5.5 is affected.
- Version 20.6.5.2.8 is affected.
- Version 20.6.5.1.13 is affected.
- Version 20.6.6 is affected.
- Version 20.6.7 is affected.
- Version 20.6.8 is affected.
- Version 20.7.1 is affected.
- Version 20.7.1.1 is affected.
- Version 20.7.2 is affected.
- Version 20.8.1 is affected.
- Version 20.9.1 is affected.
- Version 20.9.2 is affected.
- Version 20.9.2.1 is affected.
- Version 20.9.3 is affected.
- Version 20.9.3.1 is affected.
- Version 20.9.2.3 is affected.
- Version 20.9.3.0.12 is affected.
- Version 20.9.3.0.16 is affected.
- Version 20.9.3.0.17 is affected.
- Version 20.9.3.0.18 is affected.
- Version 20.9.3.0.20 is affected.
- Version 20.9.3.0.21 is affected.
- Version 20.9.3.2 is affected.
- Version 20.9.3.2_LI_Images is affected.
- Version 20.9.4 is affected.
- Version 20.9.4_LI_Images is affected.
- Version 20.9.3.0.23 is affected.
- Version 20.9.4.1 is affected.
- Version 20.9.5 is affected.
- Version 20.9.5.1 is affected.
- Version 20.9.5.2 is affected.
- Version 20.9.6 is affected.
- Version 20.9.5.3 is affected.
- Version 20.9.7 is affected.
- Version 20.9.7.1 is affected.
- Version 20.9.8 is affected.
- Version 20.10.1 is affected.
- Version 20.10.1.1 is affected.
- Version 20.10.1.2 is affected.
- Version 20.11.1 is affected.
- Version 20.11.1.1 is affected.
- Version 20.11.1.2 is affected.
- Version 20.12.1 is affected.
- Version 20.12.1_LI_Images is affected.
- Version 20.12.2 is affected.
- Version 20.12.3 is affected.
- Version 20.12.3.1 is affected.
- Version 20.12.4 is affected.
- Version 20.12.4.1 is affected.
- Version 20.12.5 is affected.
- Version 20.12.5.1 is affected.
- Version 20.12.5.2 is affected.
- Version 20.12.6 is affected.
- Version 20.13.1 is affected.
- Version 20.14.1 is affected.
- Version 20.15.1 is affected.
- Version 20.15.2 is affected.
- Version 20.15.3 is affected.
- Version 20.15.3.1 is affected.
- Version 20.15.4 is affected.
- Version 20.15.4.1 is affected.
- Version 20.16.1 is affected.
- Version 20.18.1 is affected.
- Version 20.18.2 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.