FAIL › dossier
FedRAMP provider · · dossier confidence 80%
Cisco Systems Inc. is a major public technology vendor with a significant security track record in 2026 characterized by multiple critical zero-day vulnerabilities, particularly in SD-WAN Manager and Unified CM products, with some vulnerabilities remaining unpatched for extended periods.
Cisco has demonstrated a pattern of releasing multiple critical and high-severity zero-day vulnerabilities in 2026, particularly within the SD-WAN Manager product line, with some vulnerabilities remaining unpatched for extended periods.
| Date | Event | Sev | Flags | Shame | Summary |
|---|---|---|---|---|---|
| 2026-06-25 | CVE-2026-20230 | high | ⚡RCE ⌖KEV | 85 | Cisco Unified CM SSRF vulnerability allows unauthenticated remote attackers to write files to the OS and escalate to root. |
| 2026-05-14 | CVE-2026-20182 | high | ⚡RCE ⌖KEV | 85 | Cisco Catalyst SD-WAN Controller allows unauthenticated remote attackers to bypass authentication and gain administrative privileges. |
| 2026-03-19 | CVE-2026-20131 | critical | ⚡RCE ⌖KEV | 85 | Cisco FMC and SCC allow unauthenticated remote attackers to execute arbitrary Java code as root via deserialization of untrusted data. |
| 2026-04-20 | CVE-2026-20128 | high | ⌖KEV | 65 | Cisco Catalyst SD-WAN Manager stores passwords in a recoverable format, allowing local attackers to escalate privileges by reading credential files. |
| 2026-06-15 | CVE-2026-20262 | high | ⌖KEV | 45 | Cisco Catalyst SD-WAN Manager allows authenticated attackers to overwrite arbitrary files via path traversal. |
| 2026-06-09 | CVE-2026-20245 | high | ⚡RCE ⌖KEV | 45 | Cisco SD-WAN Manager allows authenticated local attackers to execute arbitrary root commands via crafted file uploads. |
| 2026-04-20 | CVE-2026-20122 | high | ⌖KEV | 45 | Cisco Catalyst SD-WAN Manager allows attackers to overwrite arbitrary files and gain vmanage privileges via local file upload. |
| 2026-04-20 | CVE-2026-20133 | high | ⌖KEV | 45 | Cisco Catalyst SD-WAN Manager allows remote attackers to view sensitive information due to an exposure vulnerability actively exploited in the wild. |
| 2026-07-13 | CVE-2008-4128 | high | — | Cisco IOS Cross-Site Request Forgery Vulnerability |
| Product | Status | Impact |
|---|---|---|
| Cisco Cloudlock for Government | Authorized | Moderate |
| Cisco Meraki for Government | In Process | Moderate |
| Cisco SD-WAN for Government | In Process | Moderate |
| Cisco Umbrella for Government | In Process | Moderate |
| Cisco Unified Communications Manager Cloud for Government (Cisco UCM Cloud for Government) | Authorized | Moderate |
| WebEx Contact Center Enterprise for Government (WxCCE-G) | In Process | Moderate |
| Webex for Government | Authorized | Moderate |
Open questions: Cisco's remediation timeline for the 2026-06-25 and 2026-05-14 vulnerabilities · Impact of these vulnerabilities on active CMMC compliance programs