Critical Cisco ISE Vulnerabilities Allow Remote Code Execution 

Posted on By CWS

Cisco on Wednesday introduced patches for 2 critical-severity vulnerabilities in Identification Companies Engine (ISE) and Cisco ISE Passive Identification Connector (ISE-PIC) that would result in distant code execution (RCE).

Exploitable with out authentication, the 2 flaws are tracked as CVE-2025-20281 and CVE-2025-20282 and have the utmost severity rating of 10/10. Each impression particular APIs inside the affected merchandise.

CVE-2025-20281 exists as a result of user-supplied enter is insufficiently validated, permitting distant, unauthenticated attackers to submit crafted API requests and execute arbitrary code with root privileges.

CVE-2025-20282 exists as a result of an absence of file validation checks permits attackers to position arbitrary recordsdata in privileged directories on a weak system.

“An attacker might exploit this vulnerability by importing a crafted file to the affected gadget. A profitable exploit might enable the attacker to retailer malicious recordsdata on the affected system after which execute arbitrary code or get hold of root privileges on the system,” Cisco explains in its advisory.

The bugs usually are not depending on each other, and the exploitation of both of them doesn’t require that the opposite is exploited. Moreover, Cisco says, software program variations affected by one flaw will not be impacted by the opposite.

CVE-2025-20281 impacts ISE and ISE-PIC releases 3.3 and later, and was fastened in ISE and ISE-PIC variations 3.3 patch 6 and three.4 patch 2. CVE-2025-20282 solely impacts ISE and ISE-PIC launch 3.4, no matter gadget configuration, and was addressed in ISE and ISE-PIC 3.4 patch 2.

Given the essential severity of each vulnerabilities, customers are suggested to use the obtainable patches as quickly as attainable.Commercial. Scroll to proceed studying.

On Wednesday, Cisco additionally introduced fixes for a medium-severity ISE flaw that would enable distant attackers to bypass authorization mechanisms and modify particular system settings, together with some resulting in a system restart.

Cisco says it’s not conscious of any of those vulnerabilities being exploited within the wild. Further info will be discovered on the corporate’s safety advisories web page.

Associated: Excessive-Severity Vulnerabilities Patched by Cisco, Atlassian

Associated: Cisco Patches Vital ISE Vulnerability With Public PoC

Associated: Technical Particulars Printed for Vital Cisco IOS XE Vulnerability

Security Week News Tags:, , , , , ,

Related Posts

Data Breach at Doctors Imaging Group Impacts 171,000 People Security Week News
Microsoft, CrowdStrike Lead Effort to Map Threat Actor Names Security Week News
In Other News: $30k Google Cloud Build Flaw, Louis Vuitton Breach Update, Attack Surface Growth Security Week News
Choosing a Clear Direction in the Face of Growing Cybersecurity Demands Security Week News
Creating Realistic Deepfakes Is Getting Easier Than Ever. Fighting Back May Take Even More AI Security Week News
Many Attacks Aimed at EU Targeted OT, Says Cybersecurity Agency Security Week News