Australian Cyber Security Magazine

Rapid7 analysis flags Cisco and Palo Alto authentication bypass vulnerabilities


Rapid7 has published analysis of two newly disclosed authentication bypass vulnerabilities affecting enterprise networking and security platforms from Cisco and Palo Alto Networks, with both vendors urging organisations to patch affected systems.

The flaws affect Cisco Catalyst SD-WAN Controller and Palo Alto Networks PAN-OS, and are significant because they target infrastructure used to manage enterprise connectivity and security, with potential implications for internet-facing environments and large distributed networks.

Cisco Catalyst SD-WAN Controller Authentication Bypass (CVE-2026-20182)

Rapid7’s technical analysis covers a critical authentication bypass vulnerability affecting Cisco Catalyst SD-WAN Controller and SD-WAN Manager, tracked as CVE-2026-20182. The flaw carries a CVSS score of 10.0 and could allow unauthenticated attackers to gain administrative privileges on affected systems.

According to Cisco and Rapid7, the issue affects the “vdaemon” service used for SD-WAN control-plane communications and has already seen limited exploitation in the wild. Rapid7 said the vulnerability is separate from the previously disclosed CVE-2026-20127, although it exists in a similar area of the networking stack.

Rapid7 noted the issue impacts a core SD-WAN control mechanism and could allow attackers to authenticate as trusted peers and perform privileged operations. Cisco has released fixes and advised customers to patch.

Palo Alto Networks PAN-OS Authentication Bypass (CVE-2026-0265)

Rapid7 also highlighted an authentication bypass vulnerability affecting Palo Alto Networks PAN-OS, tracked as CVE-2026-0265. The flaw allows unauthenticated attackers with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled.

Palo Alto Networks said risk is highest when CAS is enabled on internet-facing management interfaces, with affected products including PAN-OS firewalls, Cloud NGFW and Prisma Access environments. The vendor has released patches for multiple PAN-OS versions, with additional fixes still rolling out.

The disclosure comes amid increased scrutiny of PAN-OS security following recent vulnerabilities that have been actively exploited against exposed firewall infrastructure. Security agencies and researchers have advised organisations to review management interface exposure, restrict external access where possible, and apply updates.




