Home / Threat Intelligence bulletins / Cisco discloses critical vManage flaw

Target Industry

Indiscriminate, opportunistic targeting.


Cisco has disclosed a critical level security vulnerability within the RESR API of their SD-WAN vManage software. The flaw, tracked as CVE-2023-20214 (CVSSv3 score: 9.1), allows for data exfiltration of affected products. The vManage API allows administrators to monitor device status, configure devices and aggregating device statistics.

At the time of writing no evidence exists regarding active exploitation of CVE-2023-20214.


Successful exploitation of CVE-2023-20214 could allow a remote, unauthenticated threat actor to gain read, and limited write, permissions and subsequently access data.

Vulnerability Detection

A security patch for the vulnerability reported on has been released by Cisco. Previous product versions remain vulnerable to potential exploitation.

Affected Products

vManage API

Containment, Mitigations & Remediations

It is strongly recommended that administrators apply the relevant security update as soon as possible. The vulnerability has been addressed in the following SD-WAN vManage versions:


Indicators of Compromise

No specific Indicators of Compromise (IoCs) are available currently.

Threat Landscape

Cisco occupies a significant proportion of the enterprise network infrastructure market share. Given that threat actors generally utilise a combination of probability and asset value to determine which attack surfaces to focus on, Cisco products have become a prime target. As Cisco products have become an integral aspect of business operations, threat actors will continue to exploit vulnerabilities contained within the associated products in an attempt to extract the sensitive data contained therein.

Threat Group

No attribution to specific threat actors or groups has been identified at the time of writing.

Mitre Methodologies


TA0010 – Exfiltration

Further Information

Cisco Advisory


An Intelligence Terminology Yardstick to showing the likelihood of events