Serial number: AV26-166
Date: February 25, 2026
Updated: February 25, 2026
On February 25, 2026, Cisco published security advisories to address critical vulnerabilities in the following products:
- Cisco Catalyst SD-WAN Controller – multiple versions
- Cisco Catalyst SD-WAN Manager – multiple versions
- Cisco Nexus 3600 and 9500-R Switching Platform – multiple versions
- Cisco Nexus 9000 Series Fabric Switches – multiple versions
- Cisco UCS Software (UCS Manager Mode) – versions prior to 4.3(6e)
- Cisco UCS Software (Intersight Managed Mode) – versions prior to 4.3(6.260003)
Cisco has indicated that CVE-2026-20127 has been exploited.
Update 1
On February 25, 2026, Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2026-20127 to their Known Exploited Vulnerabilities (KEV) Database.
The Cyber Centre encourages users and administrators to review the provided web links, perform the suggested recommendations, and apply the necessary updates when available.
- Cisco Security Advisories
- Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability
- Cisco Catalyst SD-WAN Vulnerabilities
- Cisco Nexus 3600 and 9500-R Series Switching Platforms Layer 2 Loop Denial of Service Vulnerability
- Cisco Nexus 9000 Series Fabric Switches in ACI Mode SNMP Denial of Service Vulnerability
- Cisco Nexus 9000 Series Fabric Switches in ACI Mode Denial of Service Vulnerability
- Cisco NX-OS Software Link Layer Discovery Protocol Denial of Service Vulnerability
- CISA KEV : CVE-2026-20127