Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cisco's SD-WAN 0-Day - The 443 Podcast - Episode 360

Mar 2, 2026 By WatchGuard Technologies In WatchGuard
This week on the podcast, we discuss the recently disclosed and patched 0-Day vulnerability in Cisco's Catalyst SD-WAN Controller which has been under active exploit for 3 years. After that, we cover the latest open source supply chain attack involving a self-propagating worm targeting AI tools. We end with a discussion about another social engineering campaign targeting job hunters in the software development world.
View Video
Corelight

Black Hat Europe 2025: Lessons from the NOC

Feb 27, 2026 By Mark Overholser In Corelight
With the holiday season all wrapped up (pun definitely intended), I finally have time to sit down and digest what we saw in the network traffic at Black Hat Europe 2025 while working alongside the other Network Operations Center (NOC) partners: Arista, Cisco, Jamf, and Palo Alto Networks. As usual, there is a mix of the expected, a dash of the unexpected, and some lessons for newcomers and greybeards alike. Let’s get into it.
Read Post
foresiet

CVE-2026-20127: In-Depth Analysis of the Cisco Catalyst SD-WAN Authentication Bypass Vulnerability

Feb 27, 2026 By foresiet In Foresiet
Software-defined networking (SD-WAN) has transformed enterprise infrastructure, enabling dynamic connectivity between sites with centralized management and control. But when the control plane itself becomes vulnerable, network integrity is no longer a given.
Read Post

Forescout VistaroAI: Security Like You've Never Experienced Before

Feb 27, 2026 By Forescout Technologies In Forescout
Cybersecurity moves fast and your environment moves even faster. Forescout VistaroAI helps security teams keep up by instantly analyzing changes across your network and surfacing the risks that matter most. Instead of drowning in dashboards and alerts, Forescout VistaroAI gives you: VistaroAI turns continuous change into clear, actionable intelligence, helping teams stay ahead of threats with confidence.
View Video
cycognito

Emerging Threat: Cisco Catalyst SD-WAN Authentication Bypass (CVE-2026-20127)

Feb 26, 2026 By Amit Sheps In CyCognito
CVE-2026-20127 is a critical authentication bypass vulnerability affecting Cisco Catalyst SD-WAN Controller (vSmart) and Cisco Catalyst SD-WAN Manager (vManage). The flaw stems from improper validation within the control plane and management plane authentication mechanisms, allowing a remote, unauthenticated attacker to submit crafted requests that bypass standard authentication controls. Successful exploitation results in access to the system as a high-privileged internal user account.
Read Post
Arctic Wolf

CVE-2026-20127: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability

Feb 26, 2026 By Julian Tuin In Arctic Wolf
On February 25, 2026, Cisco released fixes for a maximum severity authentication bypass vulnerability in Cisco Catalyst SD-WAN Controller (formerly vSmart) and Cisco Catalyst SD-WAN Manager (formerly vManage), tracked as CVE-2026-20127. The flaw arises from a broken peering authentication mechanism in the control-plane authentication workflow. This vulnerability potentially allows a remote, unauthenticated threat actor to bypass authentication and obtain administrative privileges on an affected system.
Read Post

Episode 9 - Federal Cyber Defense: Legacy Debt, Cloud Shifts, and Network Truth

Feb 26, 2026 By Corelight In Corelight
Richard Bejtlich sits down with Jean Schaffer, Corelight’s Federal CTO, to discuss the unique hurdles facing government agencies in an era of escalating state-sponsored threats. Jean highlights the persistent challenge of legacy IT infrastructure and the "technical debt" that complicates modernization efforts across the Department of Defense, the intelligence community, and the civilian sector. The conversation explores the strategic shift toward cloud adoption as a means to decommission vulnerable on-premise hardware and the evolving "whole of nation" defense strategy that requires deeper public-private partnerships.
View Video

Copyright © 2026 OpsMatters™. All rights reserved.