Five Eyes Emergency Directive: Exploited Cisco SD-WAN
⚠️ Federal and allied cybersecurity agencies issued an emergency directive after Cisco Talos disclosed active exploitation of a critical flaw in Cisco Catalyst SD-WAN controllers (CVE-2026-20127). The vulnerability allows unauthenticated attackers to bypass authentication and gain administrative access to SD‑WAN control-plane components. Cisco has released patches with no workarounds; CISA and Five Eyes partners urge immediate patching, inventorying of in-scope systems, log collection and active hunting for compromise.