KEVIntel
PRO Back to KEVs
7.8
CVSS
High

CVE-2022-20775

PUBLISHED

Cisco SD-WAN Software Privilege Escalation Vulnerability

1 day faster than CISA KEV

Exploited in the wild Low complexity No user interaction
Vendor
Cisco
Product
Cisco Catalyst SD-WAN, Cisco Catalyst SD-WAN Manager, Cisco SD-WAN vContainer, Cisco SD-WAN vEdge Cloud, Cisco SD-WAN vEdge Router
Published
Sep 30, 2022
EPSS
0.4% · 60% pctl

Automate this intelligence with the Pro API

Everything on this page — CVSS, EPSS, exploit status, PoCs, scanner integrations, mentions, tags, and immediate honeypot data — is available programmatically for VM, SOC, and CTI workflows.

Learn about Pro

Description

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF

cisa edge

Weaknesses (CWE)

  • CWE-25

    Path Traversal: '/../filedir'

CVSS scores

CVSS v3.1 7.8 High

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitation status

Exploited in the wild

Recorded 2026-06-01 11:08:34 UTC · CVE

References

Known exploited vulnerability sources

Catalogues that list this CVE as a known exploited vulnerability.

Source Added
CVE First 2026-06-01 11:08 UTC
CISA 2026-06-02 14:03 UTC

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel

  • KEV confirmed by CISA