Cisco has issued a warning about active exploits targeting critical flaws in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), discovered in July 2025. The vulnerabilities, tracked as CVE-2025-20281, CVE-2025-20282, and CVE-2025-20337, could allow remote, unauthenticated attackers to gain root access and execute commands on affected systems.
The company confirmed that these flaws are being exploited in the wild and urged users to upgrade to patched software versions immediately. Two of the vulnerabilities, CVE-2025-20281 and CVE-2025-20282, both with CVSS scores of 10, affect versions 3.3 and 3.4 respectively. These issues stem from improper input validation and insecure file upload mechanisms.
CVE-2025-20337, also rated critical, was addressed in the first week of July. Although Cisco has not disclosed details about the attacks or those behind them, the company emphasized the urgency of applying security updates to prevent system compromise.