LIVE NEWSROOM · --:-- · May 24, 2026
A LIBRARY FOR SECURITY RESEARCHERS

CVE DATABASE  /  CVE-2022-20775

CVE-2022-20775

Cisco SD-WAN Path Traversal Vulnerability

CVSS 7.8 · HIGH ⚠ CISA KEV — ACTIVELY EXPLOITED
On the CISA KEV catalog

Confirmed exploited in the wild. Added 2026-02-25. Federal remediation due 2026-02-27.
Required action: Please adhere to CISA’s guidelines to assess exposure and mitigate risks associated with Cisco SD-WAN devices as outlines in CISA’s Emergency Directive 26-03 (URL listed below in Notes) and CISA’s “Hunt & Hardening Guidance for Cisco SD-WAN Devices (URL listed below in Notes). Adhere to the applicable BOD 22-01 guidance for cloud services or discontinue use of the product if mitigations are not available.

Summary

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges.This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF

CVSS 3.1 breakdown

Base score7.8 (HIGH)
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack vectorLOCAL
Attack complexityLOW
Privileges requiredLOW
User interactionNONE
ScopeUNCHANGED
ConfidentialityHIGH
IntegrityHIGH
AvailabilityHIGH

Weakness type (CWE)

Affected products

Cisco catalyst sd-wan managerCisco sd-wan vbond orchestratorCisco sd-wan vedge cloudCisco sd-wan vsmart controllerCisco sd-wanCisco catalyst 8000v edgeCisco catalyst cg418-eCisco catalyst cg522-eCisco 1100-4g integrated services routerCisco 1100-4p integrated services routerCisco 1100-6g integrated services routerCisco 1100-8p integrated services routerCisco 1100 integrated services routerCisco 1101-4p integrated services routerCisco 1101 integrated services routerCisco 1109-2p integrated services routerCisco 1109-4p integrated services routerCisco 1109 integrated services routerCisco 1111x-8p integrated services routerCisco 1111x integrated services router
Check this CVE live

Use our free CVE Lookup tool for the latest NVD record, or browse the full CISA KEV catalog.

References

Data: NIST NVD + CISA KEV. NVD last modified 2026-02-26. Always verify against the vendor advisory before acting.

Scroll to Top