Cisco ISE Vulnerability Let Remote attacker Access Sensitive Data

Cisco ISE Vulnerability Let Remote attacker Access Sensitive Data

Posted on By CWS

Cisco has patched a vital flaw in its Identification Providers Engine (ISE) and ISE Passive Identification Connector (ISE-PIC) that lets authenticated directors listen in on delicate server recordsdata.

Dubbed CVE-2026-20029, the vulnerability stems from a flaw in XML parsing within the net administration interface and is assigned a CVSS rating but to be finalized, however is flagged as excessive severity because of its potential for knowledge publicity.

An attacker with legitimate admin credentials can add a malicious XML file, tricking the system into studying arbitrary recordsdata from the underlying OS. This might leak secrets and techniques resembling configuration knowledge, credentials, or different data that’s off-limits even to admins.

“Profitable exploitation grants entry to recordsdata that ought to stay hidden,” Cisco warned in its advisory, emphasizing that no workarounds exist.

All variations of Cisco ISE and ISE-PIC are weak, no matter configuration. The Cisco Product Safety Incident Response Group (PSIRT) confirmed no different merchandise are impacted. Proof-of-concept (PoC) exploit code is publicly accessible, however PSIRT reviews no malicious assaults so far.

Zero Day Initiative researcher Bobby Gould at Development Micro deserves credit score for the invention. Organizations counting on ISE for community entry management, particularly in enterprise or cloud environments, face elevated threat if ISE is unpatched.

Patches and Improve for ISE Vulnerability

Cisco urges rapid upgrades. Right here’s a breakdown of fastened releases:

Cisco ISE/ISE-PIC ReleaseFirst Mounted ReleaseEarlier than 3.2Migrate to a set release3.23.2 Patch 83.33.3 Patch 83.43.4 Patch 43.5Not weak

Improve through Cisco’s ISE help web page guides. PSIRT validates solely listed releases.

ISE powers zero-trust architectures, making this XXE-style bug a nightmare for compliance-heavy sectors like finance and healthcare. Attackers might chain it with privilege escalation for deeper breaches. With PoC accessible, menace actors could weaponize it quickly.

Observe us on Google Information, LinkedIn, and X for every day cybersecurity updates. Contact us to function your tales.

Cyber Security News Tags:, , , , , , ,

Related Posts

Researchers Uncover the Strong Links Between Maverick and Coyote Banking Malwares Researchers Uncover the Strong Links Between Maverick and Coyote Banking Malwares Cyber Security News
New Analysis Uncovers LockBit 5.0 Key Capabilities and Two-Stage Execution Model New Analysis Uncovers LockBit 5.0 Key Capabilities and Two-Stage Execution Model Cyber Security News
LockBit Operators Using Stealthy DLL Sideloading Technique to Load Malicious App as Legitimate One LockBit Operators Using Stealthy DLL Sideloading Technique to Load Malicious App as Legitimate One Cyber Security News
Zoomcar Hacked – 8.4 Million Users Sensitive Details Exposed Zoomcar Hacked – 8.4 Million Users Sensitive Details Exposed Cyber Security News
Hackers Target Ivanti EPMM Devices with Hidden Backdoors Hackers Target Ivanti EPMM Devices with Hidden Backdoors Cyber Security News
How K-12 Schools Can Solve Their Top 10 Cybersecurity Challenges How K-12 Schools Can Solve Their Top 10 Cybersecurity Challenges Cyber Security News