A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is in the KEV database since Feb. 25, 2026.

Exploitation active

Automatable no

Technical Impact total

Affected Vendors & Products

Vendors Products
Cisco
  • 1100-4g Integrated Services Router
  • 1100-4p Integrated Services Router
  • 1100-6g Integrated Services Router
  • 1100-8p Integrated Services Router
  • 1100 Integrated Services Router
  • 1101-4p Integrated Services Router
  • 1101 Integrated Services Router
  • 1109-2p Integrated Services Router
  • 1109-4p Integrated Services Router
  • 1109 Integrated Services Router
  • 1111x-8p Integrated Services Router
  • 1111x Integrated Services Router
  • 111x Integrated Services Router
  • 1120 Integrated Services Router
  • 1131 Integrated Services Router
  • 1160 Integrated Services Router
  • 4000 Integrated Services Router
  • 4221 Integrated Services Router
  • 4321\/k9-rf Integrated Services Router
  • 4321\/k9-ws Integrated Services Router
  • 4321\/k9 Integrated Services Router
  • 4321 Integrated Services Router
  • 4331\/k9-rf Integrated Services Router
  • 4331\/k9-ws Integrated Services Router
  • 4331\/k9 Integrated Services Router
  • 4331 Integrated Services Router
  • 4351\/k9-rf Integrated Services Router
  • 4351\/k9-ws Integrated Services Router
  • 4351\/k9 Integrated Services Router
  • 4351 Integrated Services Router
  • 4431 Integrated Services Router
  • 4451-x Integrated Services Router
  • 4451 Integrated Services Router
  • 4461 Integrated Services Router
  • 8101-32fh
  • 8101-32h
  • 8102-64h
  • 8201
  • 8201-32fh
  • 8202
  • 8804
  • 8808
  • 8812
  • 8818
  • 8831
  • Asr 1000
  • Asr 1000-x
  • Asr 1001
  • Asr 1001-hx
  • Asr 1001-hx R
  • Asr 1001-x
  • Asr 1001-x R
  • Asr 1002
  • Asr 1002-hx
  • Asr 1002-hx R
  • Asr 1002-x
  • Asr 1002-x R
  • Asr 1004
  • Asr 1006
  • Asr 1006-x
  • Asr 1009-x
  • Asr 1013
  • Asr 1023
  • Catalyst 8000v Edge
  • Catalyst 8200
  • Catalyst 8300
  • Catalyst 8300-1n1s-4t2x
  • Catalyst 8300-1n1s-6t
  • Catalyst 8300-2n2s-4t2x
  • Catalyst 8300-2n2s-6t
  • Catalyst 8500
  • Catalyst 8500-4qc
  • Catalyst 8500l
  • Catalyst 8510csr
  • Catalyst 8510msr
  • Catalyst 8540csr
  • Catalyst 8540msr
  • Catalyst Cg418-e
  • Catalyst Cg522-e
  • Catalyst Sd-wan Manager
  • Sd-wan
  • Sd-wan Vbond Orchestrator
  • Sd-wan Vedge Cloud
  • Sd-wan Vsmart Controller

Configuration 1 [-]

OR cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:catalyst_sd-wan_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:catalyst_sd-wan_manager:20.8:*:*:*:*:*:*:*
cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:sd-wan_vbond_orchestrator:20.8:*:*:*:*:*:*:*
cpe:2.3:a:cisco:sd-wan_vedge_cloud:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:sd-wan_vedge_cloud:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:sd-wan_vedge_cloud:20.8:*:*:*:*:*:*:*
cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:sd-wan_vsmart_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:sd-wan_vsmart_controller:20.8:*:*:*:*:*:*:*

Configuration 2 [-]

AND
OR cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:sd-wan:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:sd-wan:20.8:*:*:*:*:*:*:*
OR cpe:2.3:a:cisco:catalyst_8000v_edge:-:*:*:*:*:*:*:*
cpe:2.3:a:cisco:catalyst_cg418-e:-:*:*:*:*:*:*:*
cpe:2.3:a:cisco:catalyst_cg522-e:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1100-4g_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1100-4p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1100-6g_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1100-8p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1100_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1101-4p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1101_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1109-2p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1109-4p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1109_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1111x-8p_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1111x_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:111x_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1120_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1131_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:1160_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4000_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4221_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4321\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4321\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4321\/k9_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4321_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4331\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4331\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4331\/k9_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4331_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4351\/k9-rf_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4351\/k9-ws_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4351\/k9_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4351_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4431_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4451-x_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4451_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:4461_integrated_services_router:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:8101-32fh:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:8101-32h:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:8102-64h:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:8201:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:8201-32fh:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:8202:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:8804:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:8808:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:8812:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:8818:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:8831:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1000:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1000-x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1001:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1001-hx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1001-hx_r:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1001-x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1001-x_r:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1002:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1002-hx:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1002-hx_r:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1002-x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1002-x_r:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1004:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1006:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1006-x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1009-x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1013:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:asr_1023:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_8200:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_8300:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_8300-1n1s-4t2x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_8300-1n1s-6t:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_8300-2n2s-4t2x:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_8300-2n2s-6t:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_8500:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_8500-4qc:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_8500l:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_8510csr:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_8510msr:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_8540csr:-:*:*:*:*:*:*:*
cpe:2.3:h:cisco:catalyst_8540msr:-:*:*:*:*:*:*:*

No data.

References
Link Providers
https://github.com/orangecertcc/security-research/security/advisories/GHSA-wmjv-552v-pxjc cve-icon
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF cve-icon cve-icon
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-20775 cve-icon cve-icon
History

Thu, 26 Feb 2026 16:30:00 +0000

Type Values Removed Values Added
First Time appeared Cisco sd-wan Vedge Cloud
CPEs cpe:2.3:a:cisco:sd-wan_vedge_cloud:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:sd-wan_vedge_cloud:20.8:*:*:*:*:*:*:*
Vendors & Products Cisco sd-wan Vedge Cloud

Wed, 25 Feb 2026 22:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

 ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 25 Feb 2026 21:00:00 +0000

Type Values Removed Values Added
Description Multiple vulnerabilities in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. These vulnerabilities are due to improper access controls on commands within the application CLI. An attacker could exploit these vulnerabilities by running a malicious command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges. This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF
Title Cisco SD-WAN Software Privilege Escalation Vulnerabilities Cisco SD-WAN Software Privilege Escalation Vulnerability
References

Wed, 25 Feb 2026 18:30:00 +0000

Type Values Removed Values Added
References

Wed, 25 Feb 2026 17:15:00 +0000

Type Values Removed Values Added
Metrics kev

{'dateAdded': '2026-02-25T00:00:00+00:00', 'dueDate': '2026-02-27T00:00:00+00:00'}

Wed, 06 Nov 2024 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}
cve-icon MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2022-09-30T18:45:26.687Z

Updated: 2026-03-02T13:12:09.231Z

Reserved: 2021-11-02T00:00:00.000Z

Link: CVE-2022-20775

cve-icon Vulnrichment

Updated: 2024-08-03T02:24:49.634Z

cve-icon NVD

Status : Analyzed

Published: 2022-09-30T19:15:11.467

Modified: 2026-02-26T16:20:09.420

Link: CVE-2022-20775

cve-icon Redhat

No data.