Cisco has disclosed multiple critical security vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could allow unauthenticated remote attackers to execute arbitrary commands with root privileges on affected systems.
The vulnerabilities, assigned CVE identifiers CVE-2025-20281, CVE-2025-20282, and CVE-2025-20337, all carry the maximum CVSS score of 10.0, indicating the most severe level of risk.
Vulnerability Summary
The three vulnerabilities st...
Cisco Discloses '10' Flaw in ISE, ISE-PIC — Patch Now
Dark Reading
5 hours ago
Cisco just disclosed a critical severity flaw in its ISE and ISE-PIC products, joining two similar bugs disclosed last month....
