{"id":204480,"date":"2026-04-21T11:09:00","date_gmt":"2026-04-21T15:09:00","guid":{"rendered":"https:\/\/testing.news-you-need.com\/index.php\/2026\/04\/21\/cisa-confirms-exploitation-of-3-more-cisco-networking-device-vulnerabilities\/"},"modified":"2026-04-21T11:30:11","modified_gmt":"2026-04-21T15:30:11","slug":"cisa-confirms-exploitation-of-3-more-cisco-networking-device-vulnerabilities","status":"publish","type":"post","link":"https:\/\/testing.news-you-need.com\/index.php\/2026\/04\/21\/cisa-confirms-exploitation-of-3-more-cisco-networking-device-vulnerabilities\/","title":{"rendered":"CISA confirms exploitation of 3 more Cisco networking device vulnerabilities"},"content":{"rendered":"

CISA confirms exploitation of 3 more Cisco networking device vulnerabilities<\/a><\/p>\n

https:\/\/www.cybersecuritydive.com\/news\/cisa-cisco-vulnerabilities-sd-wan-confirm-exploitation\/818064\/<\/a><\/p>\n

Publish Date: 2026-04-21 11:09:00<\/a><\/p>\n

Source Domain: www.cybersecuritydive.com<\/a><\/p>\n

Author: <\/a><\/p>\n

Using an unordered list, summarize the following article with between 4 and 8 key points. <\/p>\n

The Cybersecurity and Infrastructure Security Agency on Monday said hackers were exploiting three more of the vulnerabilities in Cisco\u2019s networking appliances that the company disclosed in late February.
\nCISA added the three vulnerabilities \u2014 CVE-2026-20122, CVE-2026-20128 and CVE-2026-20133 \u2014\u00a0to its Known Exploited Vulnerabilities catalog, indicating that the agency has seen these flaws being used in ongoing malicious activity.
\n\u201cThese types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise,\u201d CISA said in a statement about the addition of the three Cisco flaws and four others to the KEV.<\/p>\n

After Cisco announced the vulnerabilities, along with several others, on Feb. 25, CISA issued an emergency directive ordering federal agencies to patch the flaws, saying hackers were already exploiting one of them. With Monday\u2019s update to the KEV catalog, the government has now confirmed that hackers are exploiting four of the six vulnerabilities that Cisco announced in February.
\nCVE-2026-20122, a flaw affecting Cisco networking products\u2019 API interface, could let an intruder with read-only access to the system nonetheless overwrite system files. CVE-2026-20128 could enable an attacker to access an unsecured password file and use the password to log into the system. CVE-2026-20133, meanwhile, stems from poorly configured access restrictions and could let an attacker view sensitive information without authentication.
\nIn March, after Cisco announced the six flaws, VulnCheck researchers warned that defenders should look beyond the one vulnerability with then confirmed exploitation and pay particular attention to CVE-2026-20133.
\nAt the time, Caitlin Condon, vice president of security research at VulnCheck, told Cybersecurity Dive that \u201cmisattributed PoC exploits and incomplete detections\u201d could account for why researchers weren\u2019t seeing attacks exploiting that flaw and others.
\nCisco previously confirmed that hackers were weaponizing CVE-2026-20122 and CVE-2026-20128, but it has not confirmed exploitation of CVE-2026-20133.
\nPursuant to a binding operational directive, federal agencies have until April 23 to patch the seven vulnerabilities that CISA added to the KEV catalog on Monday.<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

CISA confirms exploitation of 3 more Cisco networking device vulnerabilities https:\/\/www.cybersecuritydive.com\/news\/cisa-cisco-vulnerabilities-sd-wan-confirm-exploitation\/818064\/ Publish Date: 2026-04-21 11:09:00…<\/p>\n","protected":false},"author":1,"featured_media":204481,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/imgproxy.divecdn.com\/ABV2tVvnB1YtTGSG18mIq6S6ZuYolCq8M6iK_XXJQS8\/g:ce\/rs:fit:770:435\/Z3M6Ly9kaXZlc2l0ZS1zdG9yYWdlL2RpdmVpbWFnZS9HZXR0eUltYWdlcy0xMzczMzgzMTg5LmpwZ19yZXNpemUuanBn.webp","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,27],"class_list":["post-204480","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/204480"}],"collection":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=204480"}],"version-history":[{"count":1,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/204480\/revisions"}],"predecessor-version":[{"id":204482,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/204480\/revisions\/204482"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/204481"}],"wp:attachment":[{"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=204480"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=204480"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/testing.news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=204480"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}