Bleeping Computer

Max severity Cisco ISE bug allows pre-auth command execution, patch now

A critical vulnerability (CVE-2025-20337) in Cisco's Identity Services Engine (ISE) could be exploited to let an unauthenticated attacker store malicious files, execute arbitrary code, or gain root ...
SDxCentral

Cisco shares patches for critical Identity bugs

Cisco has released patches for two flaws on the Identity front. Marked as top-level severity, the vulnerabilities are tagged as CVE-2025-20281 and CVE-2025-20282. Both can be exploited for remote code ...
Bleeping Computer

Cisco: Maximum-severity ISE RCE flaws now exploited in attacks

Cisco is warning that three recently patched critical remote code execution vulnerabilities in Cisco Identity Services Engine (ISE) are now being actively exploited in attacks. Although the vendor did ...
CSOonline

Cisco warns of another critical RCE flaw in ISE, urges immediate patching

The newly disclosed flaw affects a specific API that suffers from insufficient input validation to allow unauthenticated RCE at the root. Cisco has dropped another maximum severity advisory detailing ...
TechRepublic

Cisco Patches Three Critical Vulnerabilities – Here are the Products Affected

Cisco Patches Three Critical Vulnerabilities – Here are the Products Affected Your email has been sent Severe vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity ...