vulnerability
Cisco ISE: CVE-2025-20284: Cisco Identity Services Engine Authenticated Remote Code Execution and Authorization Bypass Vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:M/C:C/I:C/A:N) | Jul 16, 2025 | Oct 21, 2025 | Oct 21, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:M/C:C/I:C/A:N)
Published
Jul 16, 2025
Added
Oct 21, 2025
Modified
Oct 21, 2025
Description
A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as root.
This vulnerability is due to insufficient validation of user-supplied input. An attacker with valid credentials could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, the attacker must have valid high-privileged credentials.
Solution
cisco-ise-upgrade-latest
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.