DMR News

Advancing Digital Conversations

News Americas Business Latest Newsbreak

Cisco Warns Of Three Year Exploitation Of Critical 10.0 Bug In Catalyst SD WAN Devices

ByJolyen

Feb 27, 2026

Cisco Warns Of Three Year Exploitation Of Critical 10.0 Bug In Catalyst SD WAN Devices

Cisco has disclosed that hackers have been exploiting a maximum severity vulnerability in its Catalyst SD WAN products for at least three years, prompting coordinated warnings from the United States and allied governments and an emergency patch order for federal agencies. The flaw, rated 10.0 on the severity scale, allows remote attackers to gain full control of affected devices and maintain persistent access inside enterprise and government networks.

Scope Of The Vulnerability
The bug affects Cisco’s Catalyst SD WAN products, which are used by large enterprises and government agencies to connect private networks across multiple locations. By exploiting the flaw over the internet, attackers can obtain the highest level of privileges on compromised devices. Cisco said this access enables threat actors to remain hidden inside a victim’s network and potentially conduct long term espionage or data theft.

After identifying the issue, Cisco researchers traced evidence of exploitation back to 2023. The company said some of the affected organizations are part of critical infrastructure, a term that can include sectors such as power, water, and transportation. Cisco did not disclose specific victims.

Government Response And Global Warnings
Governments in Australia, Canada, New Zealand, the United Kingdom, and the United States issued a joint alert stating that threat actors are targeting organizations globally. The US Cybersecurity and Infrastructure Security Agency, known as CISA, ordered all civilian federal agencies to patch affected systems by the end of day Friday, citing an imminent threat and unacceptable risk to federal networks.

CISA said it is aware of ongoing exploitation. The agency is currently operating at reduced capacity due to a partial government shutdown.

Neither Cisco nor government agencies attributed the activity to a specific threat group or nation state. One cluster of activity has been tracked as UAT 8616.

Related Security Issues
In December, Cisco warned of another vulnerability rated 10.0 in the Async software that runs many of its products. That flaw was also being actively exploited to gain unauthorized access to customer networks.

Featured image credits: Flickr

For more stories like it, click the +Follow button at the top of this page to follow us.

Jolyen

As a news editor, I bring stories to life through clear, impactful, and authentic writing. I believe every brand has something worth sharing. My job is to make sure it’s heard. With an eye for detail and a heart for storytelling, I shape messages that truly connect.

Related News

Privacy Examiner Launches Independent Website Risk Detection & Monitoring Service for Healthcare Providers
Feb 28, 2026 Ethan Lin
Independence Square Advisors Recognizes Brenton Stransky as 2025 Advisor of the Year
Feb 28, 2026 Ethan Lin
Rentberry Dominates PropTech Landscape with World’s First End-to-End AI Rental Ecosystem; Announces $20M Pre-IPO Round and NASDAQ Ticker ‘RNTB’
Feb 27, 2026 Ethan Lin

Leave a Reply

Your email address will not be published. Required fields are marked *

DMR News (Digital Market Reports) is a brand of PulseDirect Communication LLC.

DMR News was established in 2020 to be a trusted source for digital market news and to encourage more conversations about the ever-evolving digital landscape. The inception of DMR News was marked by a recognition of the rapidly evolving digital landscape and the need for a dedicated platform that could keep pace with its constant transformations.

PulseDirect Communication LLC
Sheridan, WY 82801, USA

DMR News

Advancing Digital Conversations

© 2026 PulseDirect Communication LLC. All rights reserved. | 30 N Gould ST STE R, Sheridan, WY 82801