Cisco says hackers have been exploiting a critical bug to break into big customer networks since 2023 | TechCrunch
by Zack Whittaker, February 26, 2026
AI-Generated Deep Dive Summary
Cisco has disclosed a critical security vulnerability in its popular Catalyst SD-WAN networking products, a flaw that hackers have been exploiting since at least 2023. The bug, rated with a maximum severity score of 10.0 on the Common Vulnerability Scoring System (CVSS), allows remote attackers to gain full administrative access to affected devices. This level of access enables persistent and hidden control over victim networks, potentially leading to data theft or espionage. Cisco researchers identified evidence of exploitation as far back as 2023, with some targeted organizations operating critical infrastructure such as power grids, water supplies, and transportation systems.
The U.S. government and its international allies have issued warnings, urging all organizations using these products to patch the vulnerability immediately. CISA (Cybersecurity and Infrastructure Security Agency) has ordered civilian federal agencies to address this threat by Friday, citing an "imminent" risk. The alert was co-signed by cybersecurity authorities from Australia, Canada, New Zealand, the UK, and the EU. While no specific nation-state or group has been identified as responsible for the attacks, researchers have tracked activity linked to a cluster named UAT-8616.
This latest vulnerability follows another critical flaw in Cisco’s AsyncOS software, also scored at 10.0, which was actively exploited in December 2023. These incidents highlight growing concerns over the security of enterprise networking equipment and the need for organizations to maintain rigorous update schedules. For tech enthusiasts and cybersecurity professionals, this underscores the importance of monitoring supply chain risks and staying informed about vendor security advisories. The situation also raises broader questions about the preparedness of critical infrastructure defenses against sophisticated cyber threats.
In a rapidly evolving digital landscape, such vulnerabilities pose significant challenges for businesses and governments alike. The ability of attackers to maintain long-term access within networks underscores the need for proactive threat detection and incident response strategies. As cyberattacks grow more sophisticated, understanding these risks and taking swift action becomes increasingly vital for safeguarding sensitive systems and data.
Originally published on TechCrunch on 2/26/2026