Critical Cisco ISE Flaws Allow Root Access and Command Execution – Patches Released

Critical Security Flaws Discovered in Cisco Identity Services Engine

Cisco has issued critical security updates addressing two severe vulnerabilities in its Identity Services Engine (ISE). Both flaws pose significant risk to affected deployments:

Critical Vulnerabilities:
1. CVE-2025-20124 (CVSS 9.9)
– Insecure Java deserialization vulnerability
– Allows authenticated remote attackers to execute arbitrary root-level commands

2. CVE-2025-20125 (CVSS 9.1)
– Authorization bypass vulnerability
– Enables read-only users to access sensitive data, modify configurations, and restart nodes

Attack Method:
Both vulnerabilities are reachable over the network and require valid credentials. An attacker can exploit them by:
– Sending crafted serialized Java objects to the vulnerable API (CVE-2025-20124)
– Submitting malicious HTTP requests to specific API endpoints (CVE-2025-20125)

Fixed Versions:
– ISE 3.0: No patch available; migration to a fixed release is required
– ISE 3.1: Patch 3.1P10
– ISE 3.2: Patch 3.2P7
– ISE 3.3: Patch 3.3P4
– ISE 3.4: Not affected

The vulnerabilities were discovered by Deloitte researchers Dan Marin and Sebastian Radulea, and there are currently no reports of active exploitation. Because no workarounds exist, immediate upgrading to a fixed release is strongly recommended.