Ethical Hacking News

Cisco Addresses Critical Vulnerabilities in Identity Services Engine Components


Cisco has addressed two critical vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) components, CVE-2025-20281 and CVE-2025-20282. These bugs allow unauthenticated remote attackers to execute code on vulnerable systems with root privileges, making them among the most severe threats in terms of potential exploitation.

  • Cisco has released patches for two critical vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) components.
  • The vulnerabilities, CVE-2025-20281 and CVE-2025-20282, allow unauthenticated remote attackers to execute code on vulnerable systems with root privileges.
  • These bugs are considered among the most severe threats in terms of potential exploitation due to API flaws and insufficient validation of user-supplied input.
  • Cisco recommends upgrading to the latest available versions: ISE version 3.4 patch 2 for CVE-2025-20282, and ISE version 3.3 patch 6 or 3.4 patch 2 for CVE-2025-20281.



    Cisco has recently released patches for two critical vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) components. The company has assigned a maximum 10/10 severity rating to these bugs, indicating their high impact on system security.

    Tracked as CVE-2025-20281 and CVE-2025-20282, these vulnerabilities allow unauthenticated remote attackers to execute code on vulnerable systems with root privileges. This means that the two bugs are considered among the most severe threats in terms of potential exploitation.

    ISE is a network access control solution that runs on secure network servers, virtual machines, and some cloud instances. ISE-PIC plays a crucial role in user authentication by passively gathering identity data and feeding it into security tools. Both components are critical to an organization's overall security posture.

    According to Cisco, these vulnerabilities are independent of each other: each can be exploited on its own, without valid credentials and without first exploiting the other. This independence does not diminish their severity, as both bugs exist due to API flaws and insufficient validation of user-supplied input.

    The first bug, CVE-2025-20281, affects versions 3.3 and 3.4 of ISE and ISE-PIC. It allows an attacker to execute code on the underlying operating system (OS) as root by submitting a specially crafted request to an API, with no authentication or valid credentials required.

    The second bug, CVE-2025-20282, also exists due to insufficient file validation checks in an internal API. An attacker can exploit this vulnerability by uploading a malicious file to the affected device and executing it on the underlying OS with root privileges.

    Cisco has emphasized the importance of applying these patches at the earliest opportunity since there are no workarounds that can mitigate either vulnerability. The company recommends upgrading to the latest available versions: ISE version 3.4 patch 2 for CVE-2025-20282, and ISE version 3.3 patch 6 or 3.4 patch 2 for CVE-2025-20281.
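An added example, not part of the original article and not Cisco tooling: a Python script that triages an ISE/ISE-PIC inventory against the fixed patch levels quoted above. The CSV layout and hostnames are constructed assumptions, and any release for which the article gives no fix level is flagged for a check against Cisco's advisory instead of being guessed.

```python
import csv

# Minimum fixed patch level per release, exactly as stated in the article.
FIXED = {
    "CVE-2025-20281": {"3.3": 6, "3.4": 2},
    "CVE-2025-20282": {"3.4": 2},
}
UNLISTED = "no fix level in the article for this release; check Cisco's advisory"

# Constructed inventory (hypothetical hostnames). Empty patch = no patch installed.
SAMPLE_INVENTORY = """hostname,product,release,patch
ise-pan-01,ISE,3.4,2
ise-psn-02,ISE,3.3,5
ise-psn-03,ISE,3.4,
pic-01,ISE-PIC,3.3,6
ise-old-01,ISE,3.1,9
"""


def triage_node(release, patch):
    """Return {cve: status} for one node, using only the fix levels in FIXED."""
    train = ".".join(release.strip().split(".")[:2])  # "3.4.0" -> "3.4"
    level = int(patch) if patch.strip() else 0
    result = {}
    for cve, fixes in FIXED.items():
        need = fixes.get(train)
        if need is None:
            result[cve] = UNLISTED
        else:
            result[cve] = "fixed" if level >= need else f"upgrade to {train} patch {need}"
    return result


def triage_inventory(text):
    """Parse CSV inventory text and return {hostname: {cve: status}}."""
    rows = csv.DictReader(text.splitlines())
    return {r["hostname"]: triage_node(r["release"], r["patch"] or "") for r in rows}


def needs_action(report):
    """Hostnames with at least one CVE not confirmed fixed, in inventory order."""
    return [h for h, cves in report.items() if any(s != "fixed" for s in cves.values())]


if __name__ == "__main__":
    report = triage_inventory(SAMPLE_INVENTORY)
    for host, cves in report.items():
        print(host, cves)
    print("Needs action:", needs_action(report))
```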

    This highlights the importance of staying up to date with security patches for critical components like ISE and ISE-PIC. Organizations must take these vulnerabilities seriously and prioritize applying the patches to prevent potential exploitation by malicious actors.



    Related Information:
  • https://www.ethicalhackingnews.com/articles/Cisco-Addresses-Critical-Vulnerabilities-in-Identity-Services-Engine-Components-ehn.shtml

  • Published: Thu Jun 26 12:50:45 2025 by llama3.2 3B Q4_K_M












