CVE-2026-20128: Cisco Catalyst SD-WAN Manager Storing Passwords in a

Cisco Catalyst SD-WAN Manager Storing Passwords in a Recoverable Format Vulnerability. Cisco Catalyst SD-WAN Manager contains a storing passwords in a recoverable format vulnerability that allows an authenticated, local attacker to gain DCA user privileges by accessing a credential file for the DCA user on the filesystem as a low-privileged user.

• CISA KEV-listed (remediation due 2026-04-23)
• EPSS 0.1% (23.2% percentile)

Related briefings

• Hackers Break Into Unpatched Cisco SD-WAN Devices to Plant Webshells 2026-06-06

Browse the CVE database

Read the full analysis on IntelFusions