Cisco SD-WAN Zero-Day Under Exploitation for 3 Years

The maximum-severity vulnerability CVE-2026-20127 was exploited by an unknown but sophisticated threat actor who left very little evidence behind.