CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2025-20282

CVSS 10.0v3.1pub. 2025-06-25upd. 2025-06-26

A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root. This vulnerability is due a lack of file validation checks that would prevent uploaded files from being placed in privileged directories on an affected system. An attacker could exploit this vulnerability by uploading a crafted file to the affected device. A successful exploit could allow the attacker to store malicious files on the affected system and then execute arbitrary code or obtain root privileges on the system.

🤖 AI Analysis
How it works

The vulnerability results from the lack of file validation mechanisms in the internal API, which allows placing a file in privileged operating system directories. An attacker sends a crafted file to the vulnerable device without the need for authentication. After successful file upload, it is possible to execute arbitrary code or gain full root permissions on the device's operating system.

Impact

An attacker can execute arbitrary code (RCE) with root privileges on the device, which means complete takeover of the system, including the ability to read, modify or delete data and perform further lateral movement in the network.

Mitigation & patch

Apply patches available from the manufacturer according to the references — details in the Cisco Security Advisory guide: cisco-sa-ise-unauth-rce-ZAd2GnJ6 (https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6). Until the update is applied, it is recommended to restrict access to the Cisco ISE API at the firewall level to only trusted IP addresses.

Who is affected

Cisco Identity Services Engine (ISE) and Cisco Identity Services Engine Passive Identity Connector (ISE-PIC) — specific versions indicated in the manufacturer's references

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
  • Cisco Identity Services Engine

    APP
    Cisco
    3.4.0
  • Cisco Identity Services Engine Passive Identity Connector

    APP
    Cisco
    3.4.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
RCE
CWE
References

Related vulnerabilities

CVE-2025-20337CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Nieuwierzytelniony RCE jako root w Cisco ISE i ISE-PIC poprzez API

CVE-2025-20281CRITICAL10.0⚠ KEVPL ✓ten sam produkt

Cisco ISE / ISE-PIC — nieuwierzytelniony RCE przez API jako root

CVE-2026-20181CRITICAL9.1ten sam produkt

A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute arbitrary co...

CVE-2026-20186CRITICAL9.9PL ✓ten sam produkt

RCE w Cisco ISE — eskalacja uprawnień do root przez HTTP

CVE-2025-20286CRITICAL9.9PL ✓ten sam produkt

Cisco ISE w chmurze: współdzielone statyczne poświadczenia umożliwiają nieautoryzowany dostęp