CVE-2026-20133: Cisco Catalyst SD-WAN Manager Sensitive Data Exposure Vulnerability
Summary
CISA added CVE-2026-20133 to its Known Exploited Vulnerabilities catalog. The vulnerability in Cisco Catalyst SD-WAN Manager results from insufficient file system access restrictions, allowing an unauthenticated remote attacker to access the API and read sensitive information on the underlying operating system. With a CVSS 3.1 score of 6.5, the flaw affects 335 product versions. Organizations running affected Cisco SD-WAN Manager instances should apply patches or mitigations per vendor guidance.
“A vulnerability in Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to view sensitive information on an affected system.”
The inclusion in CISA's Known Exploited Vulnerabilities catalog indicates this vulnerability is being actively exploited in the wild. Organizations running Cisco Catalyst SD-WAN Manager should immediately inventory their deployments against the affected version list and apply patches or mitigations per Cisco's security advisories. Federal agencies are subject to Binding Operational Directive 22-01 remediation timelines for KEV catalog entries.
What changed
CISA added CVE-2026-20133 to its Known Exploited Vulnerabilities catalog. The vulnerability stems from insufficient file system access restrictions in Cisco Catalyst SD-WAN Manager, which could allow an unauthenticated remote attacker to access the API and read sensitive information on the underlying operating system.
Organizations running Cisco SD-WAN Manager should identify affected versions (spanning releases from 17.2.x through 20.13.x) and apply patches or mitigations per Cisco's vendor guidance. The inclusion in CISA's KEV catalog signals active exploitation, warranting priority remediation for federal agencies under Binding Operational Directive 22-01 timelines.
Archived snapshot
Apr 21, 2026GovPing captured this document from the original source. If the source has since changed or been removed, this is the text as it existed at that time.
Required CVE Record Information
CNA: Cisco Systems, Inc.
Updated:
2026-03-20
Description
A vulnerability in Cisco Catalyst SD-WAN Manager could allow an unauthenticated, remote attacker to view sensitive information on an affected system.
This vulnerability is due to insufficient file system access restrictions. An attacker could exploit this vulnerability by accessing the API of an affected system. A successful exploit could allow the attacker to read sensitive information on the underlying operating system.
CWE 1 Total
Learn more
- CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVSS 1 Total
Learn more
| Score | Severity | Version | Vector String |
| --- | --- | --- | --- |
| 6.5 | MEDIUM | 3.1 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
Product Status
Learn more Versions 335 Total
Default Status: unknown
affected
affected at 20.1.12
affected at 19.2.1
affected at 18.4.4
affected at 18.4.5
affected at 20.1.1.1
affected at 20.1.1
affected at 19.3.0
affected at 19.2.2
affected at 19.2.099
affected at 18.3.6
affected at 18.3.7
affected at 19.2.0
affected at 18.3.8
affected at 19.0.0
affected at 19.1.0
affected at 18.4.302
affected at 18.4.303
affected at 19.2.097
affected at 19.2.098
affected at 17.2.10
affected at 18.3.6.1
affected at 19.0.1a
affected at 18.2.0
affected at 18.4.3
affected at 18.4.1
affected at 17.2.8
affected at 18.3.3.1
affected at 18.4.0
affected at 18.3.1
affected at 17.2.6
affected at 17.2.9
affected at 18.3.4
affected at 17.2.5
affected at 18.3.1.1
affected at 18.3.5
affected at 18.4.0.1
affected at 18.3.3
affected at 17.2.7
affected at 17.2.4
affected at 18.3.0
affected at 19.2.3
affected at 18.4.501_ES
affected at 20.3.1
affected at 20.1.2
affected at 19.2.929
affected at 19.2.31
affected at 20.3.2
affected at 19.2.32
affected at 20.3.2_925
affected at 20.3.2.1
affected at 20.3.2.1_927
affected at 18.4.6
affected at 20.1.2_937
affected at 20.4.1
affected at 20.3.2_928
affected at 20.3.2_929
affected at 20.4.1.0.1
affected at 20.3.2.1_930
affected at 19.2.4
affected at 20.5.0.1.1
affected at 20.4.1.1
affected at 20.3.3
affected at 19.2.4.0.1
affected at 20.3.2_937
affected at 20.3.3.1
affected at 20.5.1
affected at 20.1.3
affected at 20.3.3.0.4
affected at 20.3.3.1.2
affected at 20.3.3.1.1
affected at 20.4.1.2
affected at 20.3.3.0.2
affected at 20.4.1.1.5
affected at 20.4.1.0.01
affected at 20.4.1.0.02
affected at 20.3.3.1.7
affected at 20.3.3.1.5
affected at 20.5.1.0.1
affected at 20.3.3.1.10
affected at 20.3.3.0.8
affected at 20.4.2
affected at 20.4.2.0.1
affected at 20.3.4
affected at 20.3.3.0.14
affected at 19.2.4.0.8
affected at 19.2.4.0.9
affected at 20.3.4.0.1
affected at 20.3.2.0.5
affected at 20.6.1
affected at 20.5.1.0.2
affected at 20.3.3.0.17
affected at 20.6.1.1
affected at 20.6.0.18.3
affected at 20.3.2.0.6
affected at 20.6.0.18.4
affected at 20.4.2.0.2
affected at 20.3.3.0.16
affected at 20.3.4.0.5
affected at 20.6.1.0.1
affected at 20.3.4.0.6
affected at 20.6.2
affected at 20.7.1EFT2
affected at 20.3.4.0.9
affected at 20.3.4.0.11
affected at 20.4.2.0.4
affected at 20.3.3.0.18
affected at 20.7.1
affected at 20.6.2.1
affected at 20.3.4.1
affected at 20.5.1.1
affected at 20.4.2.1
affected at 20.4.2.1.1
affected at 20.3.4.1.1
affected at 20.3.813
affected at 20.3.4.0.19
affected at 20.4.2.2.1
affected at 20.5.1.2
affected at 20.3.4.2
affected at 20.3.814
affected at 20.4.2.2
affected at 20.6.2.2
affected at 20.3.4.2.1
affected at 20.7.1.1
affected at 20.3.4.1.2
affected at 20.6.2.2.2
affected at 20.3.4.0.20
affected at 20.6.2.2.3
affected at 20.4.2.2.2
affected at 20.3.5
affected at 20.6.2.0.4
affected at 20.4.2.2.3
affected at 20.3.4.0.24
affected at 20.6.2.2.7
affected at 20.6.3
affected at 20.3.4.2.2
affected at 20.4.2.2.4
affected at 20.7.1.0.2
affected at 20.8.1
affected at 20.3.5.0.8
affected at 20.3.5.0.9
affected at 20.4.2.2.8
affected at 20.3.5.0.7
affected at 20.6.3.0.7
affected at 20.6.3.0.5
affected at 20.6.3.0.10
affected at 20.6.3.0.2
affected at 20.7.2
affected at 20.9.1EFT2
affected at 20.6.3.0.11
affected at 20.6.3.1
affected at 20.6.3.0.14
affected at 20.6.4
affected at 20.9.1
affected at 20.6.3.0.19
affected at 20.6.3.0.18
affected at 20.3.6
affected at 20.9.1.1
affected at 20.6.3.0.23
affected at 20.6.4.0.4
affected at 20.6.3.0.25
affected at 20.6.5
affected at 20.6.3.0.27
affected at 20.9.2
affected at 20.9.2.1
affected at 20.6.3.0.29
affected at 20.6.3.0.31
affected at 20.6.3.0.32
affected at 20.10.1
affected at 20.6.3.0.33
affected at 20.9.2.0.01
affected at 20.9.1LIImages
affected at 20.10.1LIImages
affected at 20.9.2LIImages
affected at 20.3.7
affected at 20.9.3
affected at 20.6.5.1
affected at 20.11.1
affected at 20.11.1LIImages
affected at 20.9.3LI Images
affected at 20.6.3.1.1
affected at 20.9.3.0.2
affected at 20.6.5.1.2
affected at 20.9.3.0.3
affected at 20.4.2.3
affected at 20.6.3.2
affected at 20.6.4.1
affected at 20.6.3.0.38
affected at 20.6.3.0.39
affected at 20.3.5.1
affected at 20.3.4.3
affected at 20.9.3.1
affected at 20.3.3.2
affected at 20.6.5.2
affected at 20.3.7.1
affected at 20.10.1.1
affected at 20.6.5.2.1
affected at 20.3.4.0.25
affected at 20.6.2.2.4
affected at 20.6.1.2
affected at 20.11.1.1
affected at 20.9.3.0.5
affected at 20.3.4.0.26
affected at 20.6.5.1.3
affected at 20.6.3.0.40
affected at 20.1.3.1
affected at 20.9.2.2
affected at 20.6.5.2.3
affected at 20.6.5.1.4
affected at 20.6.5.3
affected at 20.6.3.0.41
affected at 20.9.3.0.7
affected at 20.6.5.1.5
affected at 20.9.3.0.4
affected at 20.6.4.0.19
affected at 20.6.5.1.6
affected at 20.9.3.0.8
affected at 20.6.3.3
affected at 20.3.7.2
affected at 20.6.5.4
affected at 20.6.5.1.7
affected at 20.9.3.0.12
affected at 20.6.4.2
affected at 20.6.5.5
affected at 20.9.3.2
affected at 20.11.1.2
affected at 20.6.3.4
affected at 20.10.1.2
affected at 20.6.5.1.9
affected at 20.9.3.0.16
affected at 20.6.3.0.45
affected at 20.6.5.1.10
affected at 20.9.3.0.17
affected at 20.6.5.2.4
affected at 20.6.4.0.21
affected at 20.9.3.0.18
affected at 20.6.3.0.46
affected at 20.6.3.0.47
affected at 20.9.2.3
affected at 20.9.3.2LIImages
affected at 20.9.3.0.21
affected at 20.9.3.0.20
affected at 20.9.4LIImages
affected at 20.9.4
affected at 20.6.5.1.11
affected at 20.12.1
affected at 20.12.1LIImages
affected at 20.6.5.1.13
affected at 20.9.3.0.23
affected at 20.6.5.2.8
affected at 20.9.4.1
affected at 20.9.4.1LIImages
affected at 20.9.3.0.25
affected at 20.9.3.0.24
affected at 20.6.5.1.14
affected at 20.3.8
affected at 20.6.6
affected at 20.9.3.0.26
affected at 20.6.3.0.51
affected at 20.9.3.0.29
affected at 20.12.2
affected at 20.12.2LIImages
affected at 20.6.6.0.1
affected at 20.13.1LIImages
affected at 20.9.4.0.4
affected at 20.13.1
affected at 20.9.4.1.1
affected at 20.9.5
affected at 20.9.5LIImages
affected at 20.12.3LIImages
affected at 20.12.3
affected at 20.9.4.1.3
affected at 20.6.7
affected at 20.9.5.1
affected at 20.9.5.1LIImages
affected at 20.9.4.1.6
affected at 20.14.1
affected at 20.14.1LIImages
affected at 20.9.5.2
affected at 20.9.5.2.1
affected at 20.9.5.2LIImages
affected at 20.12.3.1
affected at 20.12.4
affected at 20.15.1LIImages
affected at 20.15.1
affected at 20.9.5.1.4
affected at 20.9.5.2.7
affected at 20.9.5.2.13
affected at 20.9.6
affected at 20.9.6LIImages
affected at 20.9.5.2.14
affected at 20.6.8
affected at 20.12.4.0.03
affected at 20.16.1
affected at 20.16.1LIImages
affected at 20.12.4LIImages
affected at 20.9.5.2.16
affected at 20.12.4.0.4
affected at 20.12.401
affected at 20.9.5.3
affected at 20.9.5.3LIImages
affected at 20.12.4.1LIImages
affected at 20.12.4.1
affected at 20.9.5.2.21
affected at 20.9.6.0.3
affected at 20.12.4.0.6
affected at 20.15.2LIImages
affected at 20.15.2
affected at 20.12.4MonthlyES5
affected at 20.12.5
affected at 20.12.5LIImages
affected at 20.9.7_LI _Images
affected at 20.9.7
affected at 20.15.3
affected at 20.15.3_ LI _Images
affected at 20.12.501
affected at 20.12.5.1LIImages
affected at 20.12.5.1
affected at 20.12.5.2LIImages
affected at 20.12.5.2
affected at 20.15.3.1
affected at 20.15.4LIImages
affected at 20.15.4
affected at 20.9.7.1_LI _Images
affected at 20.9.7.1
affected at 20.18.1
affected at 20.18.1LIImages
affected at 20.12.6LIImages
affected at 20.12.6
affected at 20.12.5.1.01
affected at 20.9.8
affected at 20.9.8LIImages
affected at 20.18.2
affected at 20.15.4.1LIImages
affected at 20.15.4.1
affected at 20.18.2LIImages
References 1 Total
Authorized Data Publishers
CISA-ADP
SSVC and KEV, plus CVSS and CWE if not provided by the CNA.
SSVC 1 Total
Learn more
| Exploitation | Automatable | Technical Impact | Version | Date Accessed |
| --- | --- | --- | --- | --- |
| active | yes | partial | 2.0.3 | 2026-04-20 |
KEV 1 Total
Learn more
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-20133 (2026-04-20)
Mentioned entities
Related changes
Get daily alerts for CISA Known Exploited Vulnerabilities (KEV)
Daily digest delivered to your inbox.
Free. Unsubscribe anytime.
Source
About this page
Every important government, regulator, and court update from around the world. One place. Real-time. Free. Our mission
Source document text, dates, docket IDs, and authority are extracted directly from CISA.
The summary, classification, recommended actions, deadlines, and penalty information are AI-generated from the original text and may contain errors. Always verify against the source document.
Classification
Who this affects
Taxonomy
Browse Categories
Get alerts for this source
We'll email you when CISA Known Exploited Vulnerabilities (KEV) publishes new changes.
Subscribed!
Optional. Filters your digest to exactly the updates that matter to you.