CVE-2026-20245 — Cisco Catalyst SD-WAN Manager Improper Encoding or Escaping of Output Vulnerabil

Description

Cisco Catalyst SD-WAN Manager formerly SD-WAN vManage contains an improper encoding or escaping of output vulnerability. This vulnerability could allow an authenticated, local attacker to execute arbitrary commands as root by supplying a crafted file to the affected system.

How to fix CVE-2026-20245

No package mapping is available — consult the references below for vendor-specific guidance.

Is CVE-2026-20245 being exploited?

Yes — CVE-2026-20245 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.

Affected packages (0)

No package mapping in OSV.