TLP:WHITE1 IOC

CVE-2026-20182: Critical Authentication Bypass in Cisco SD-WAN Can Grant Admin Access

SOC Prime

Published May 15, 2026Original Report

Diamond Model

Adversary

Infrastructure

Capability(1)

Victim

Initial AccessTA0001·T1190

1/6

Exploit Public-Facing Application

ActionBypass authentication

An unauthenticated remote attacker exploits CVE-2026-20182, an authentication bypass flaw in Cisco SD-WAN Controller.

Analysis unavailable

Type	Indicator	Confidence	Score	First Seen
CVE	CVE-2026-20182 exploitintel-blogmalware	High	59	Jun 2, 26

IOC Relationship Graph1 total IOCs

CVE

scroll to zoom · drag to pan · click IOC to open