Multiple Vulnerabilities in Cisco Products
22 May 2026
Cisco has released security updates addressing multiple vulnerabilities affecting multiple Cisco products. Users and administrators of affected products are advised to update to the latest versions immediately.
Background
CVE-2026-20223 affects Cisco Secure Workload Cluster Software on both SaaS and on-premises deployments. CVE-2026-20224 affects Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) across all deployment models, including on-premises, cloud-managed, and government environments.
These vulnerabilities have Common Vulnerability Scoring System (CVSS v3.1) scores of 10 and 8.6 out of 10, respectively.
Impact
CVE-2026-20223: A vulnerability in access validation of internal REST APIs of Cisco Secure Workload could allow an unauthenticated, remote attacker to read sensitive information and make configuration changes across tenant boundaries with the privileges of the Site Admin user.
CVE-2026-20224: A vulnerability in the web UI of Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to read arbitrary files that are stored in an affected system by sending a crafted request.
Affected Products
CVE-2026-20223
This vulnerability affects Cisco Secure Workload Cluster Software on SaaS and on-prem deployments, regardless of device configuration.
The vulnerability affects the following Cisco Systems Secure Workload Versions:
release 3.9 and earlier
release 3.10
release 4.0
CVE-2026-20224
This vulnerability affects Cisco Catalyst SD-WAN Manager across all deployment types, including:
On-Prem Deployment
Cisco SD-WAN Cloud-Pro
Cisco SD-WAN Cloud (Cisco Managed)
Cisco SD-WAN for Government (FedRAMP)
The vulnerability affects the following Cisco Catalyst SD-WAN Manager Versions:
release earlier than 20.9
release 20.9
release 20.10
release 20.11
release 20.12
release 20.13
release 20.14
release 20.15
release 20.16
release 20.18
release 26.1
Recommendation
Users and administrators of affected products are advised to update to the latest versions immediately.
References
https://nvd.nist.gov/vuln/detail/CVE-2026-20223
