Exploitation Summary
CVE-2022-20775 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added February 25, 2026. EIP tracks 1 public exploit from researchers including bluefalconink.
AI-analyzed exploit summary This repository contains a detailed technical writeup and architecture documentation for a CISA ED 26-03 Compliance Tracker, focusing on remediation steps for CVE-2022-20775 and CVE-2026-20127. It includes code introspection scripts, architecture diagrams, and compliance tracking logic but does not contain functional exploit code.
Description
A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF
Exploits (1)
This repository contains a detailed technical writeup and architecture documentation for a CISA ED 26-03 Compliance Tracker, focusing on remediation steps for CVE-2022-20775 and CVE-2026-20127. It includes code introspection scripts, architecture diagrams, and compliance tracking logic but does not contain functional exploit code.
References (4)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H