CVE-2026-20245: Cisco Catalyst SD-WAN Manager Root Privilege Escalation Zero-Day

Cisco confirms active exploitation of CVE-2026-20245 in Catalyst SD-WAN Manager — a root privilege escalation zero-day via crafted file upload. No patch available. Mandiant reported limited in-the-wild attacks.