Cisco has issued patches to fix two critical security flaws in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), which could allow remote attackers to execute code with root access.
The vulnerabilities, identified as CVE-2025-20281 and CVE-2025-20282, both carry the highest severity rating of 10 on the CVSS scale. They impact specific versions of the software: CVE-2025-20281 affects ISE/ISE-PIC version 3.3 and later, while CVE-2025-20282 affects only version 3.4. Versions outside these ranges are not affected.
According to Cisco’s advisory, CVE-2025-20281 stems from improper validation of user input in an API. An attacker could exploit this by sending a specially crafted API request, allowing them to execute commands as root on a vulnerable device.
CVE-2025-20282 results from missing file validation controls. An unauthenticated attacker could upload a malicious file to privileged directories using an internal API, leading to the execution of arbitrary code or full system access.
Cisco confirmed that there are no workarounds for these vulnerabilities. Users are strongly advised to apply the security updates as soon as possible to protect their systems.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
