Serial number: AV26-166
Date: February 25, 2026
Updated: April 20, 2026
On February 25, 2026, Cisco published security advisories to address critical vulnerabilities in the following products:
- Cisco Catalyst SD-WAN Controller – multiple versions
- Cisco Catalyst SD-WAN Manager – multiple versions
- Cisco Nexus 3600 and 9500-R Switching Platform – multiple versions
- Cisco Nexus 9000 Series Fabric Switches – multiple versions
- Cisco UCS Software (UCS Manager Mode) – versions prior to 4.3(6e)
- Cisco UCS Software (Intersight Managed Mode) – versions prior to 4.3(6.260003)
Cisco has indicated that CVE-2026-20127 has been exploited.
Update 1
On February 25, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-20127 to their Known Exploited Vulnerabilities (KEV) Database.
Update 2
Cisco has indicated that CVE-2026-20128 and CVE-2026-20122 are being actively exploited.
Update 3
On April 20, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-20122, CVE-2026-20128, and CVE-2026-20133 to their Known Exploited Vulnerabilities (KEV) Database.
The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested recommendations, and apply the necessary updates when available.
