UAT-8616

Nation: China · 4 tracked threat(s) · Categories: VULNERABILITY, ZERO_DAY

Also known as: UAT-8616, UAT8616

Tracked threats

Cisco Catalyst SD-WAN CVE-2026-20182 — Critical Authentication Bypass Zero-Day Actively Exploited by UAT-8616 (CVSS 10.0, CISA KEV, ED 26-03) — CRITICAL
CVE-2026-20127: Critical Cisco Catalyst SD-WAN Authentication Bypass Exploited by UAT-8616 Since 2023 (CVSS 10.0) — CRITICAL
CVE-2026-20127 Cisco Catalyst SD-WAN Zero-Day — UAT-8616 Authentication Bypass Active Exploitation — CRITICAL
Cisco Catalyst SD-WAN Zero-Day (CVE-2026-20127) — UAT-8616 Active Exploitation Since 2023, Authentication Bypass to Admin, Critical Infrastructure Targeting — CRITICAL

Full actor intelligence — infrastructure, IOCs, detection coverage and operator fingerprints — is available via the Threadlinqs MCP server (Purple tier). View plans →

Threadlinqs Intelligence