- • Cisco has identified three critical remote code execution vulnerabilities (CVE-2025-20281, CVE-2025-20282, CVE-2025-20337) in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), all rated 10.0 on the CVSS scale.
- • These vulnerabilities allow unauthenticated attackers to execute arbitrary commands with root privileges, posing significant risks to network security and access control.
- • Cisco confirmed that these vulnerabilities are actively being exploited in the wild, although specific details about the threat actors or the scale of attacks remain undisclosed.
- • Immediate action is required: organizations must apply the latest security patches provided by Cisco to mitigate these vulnerabilities, as no workarounds are available.
Cisco has issued an urgent advisory regarding three critical remote code execution vulnerabilities (CVE-2025-20281, CVE-2025-20282, CVE-2025-20337) in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), which are currently being exploited by attackers. These flaws allow unauthenticated remote access with root privileges, threatening network integrity and access control. Organizations must urgently apply the latest patches to affected systems to prevent exploitation, as no alternative mitigations exist. Security teams should prioritize these updates to safeguard their networks and monitor for any signs of unauthorized access.
