Hackers Could Break Into Govt Systems Without Passwords: NCERT
The National Computer Emergency Response Team (NCERT) has warned of a highly dangerous security flaw in Cisco systems that could allow hackers to take complete control of enterprise and government networks. The major vulnerability allows hackers to break into systems without needing a password.
The issue affects Cisco Catalyst SD-WAN Manager, which is used by organizations to control and manage their networks from a central system. According to the advisory, the flaw is identified as CVE-2026-20127 and has been given a CVSS score of 10.0, the highest possible severity rating. NCERT said the vulnerability has already been used in zero-day attacks.
The flaw allows attackers to bypass login protections and access systems remotely without any credentials, especially if the system is exposed to the internet.
NCERT said that if attackers exploit this vulnerability, they could take full control of the affected network. This includes running system commands, creating fake administrator accounts, changing network settings, and stealing sensitive data such as certificates, API tokens, and network configurations. Since SD-WAN systems manage multiple locations from one platform, attackers could also spread to branch offices and data centers.
According to the advisory, organizations with SD-WAN systems connected to the internet face the highest risk. The danger is even greater for those using outdated software or systems that have not been fully updated. The advisory added that both physical and virtual systems are affected, and all parts of high-availability setups must be updated to stay protected.
NCERT has directed organizations to take immediate action by installing Cisco security updates, limiting external access to management systems, reviewing administrator accounts, changing passwords and credentials, and closely monitoring login activity and system changes.
The agency warned that failure to act quickly could lead to system outages, data leaks, and long-term unauthorized access to critical infrastructure.
