Cisco updated its advisory on security flaws in Identity Services Engine, confirming active exploitation of some vulnerabilities. The vulnerabilities are critical-rated (CVSS scores: 10.0) and could allow unauthenticated remote attackers to execute commands on the operating system as root. Cisco ISE manages access to corporate networks, and a compromise could permit attackers to bypass authentication controls. Original vulnerabilities stem from insufficient user input validation and a lack of file validation for uploaded files.
Cisco updated its advisory regarding critical vulnerabilities in Identity Services Engine, acknowledging active exploitation. Some vulnerabilities were attempted to be exploited in the wild as of July 2025.
Cisco ISE is critical for network access control, managing user and device access to networks. A compromise at this level allows attackers to bypass authentication and gain unrestricted access.
The vulnerabilities are rated critical with CVSS scores of 10.0, enabling unauthenticated remote attackers to execute commands on the operating system as root.
CVE-2025-20281 and CVE-2025-20337 allow unvalidated user input to be exploited for arbitrary code execution. CVE-2025-20282 allows arbitrary file uploads that can be executed.
Collection
[
|
...
]