Cisco has disclosed multiple critical and high-severity vulnerabilities affecting Catalyst SD-WAN Controller and Manager, including CVE-2026-20127, a CVSS 10 authentication bypass exploited in the wild since 2023. Successful exploitation allows unauthenticated remote attackers to gain administrative privileges, manipulate network configurations, and establish persistent access, sometimes by downgrading software to exploit older vulnerabilities.