—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Multiple Vulnerabilities in Cisco ISE and Cisco ISE-PIC 

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: MEDIUM

Systems Affected

Cisco ISE and Cisco ISE-PIC

Overview

Multiple vulnerabilities have been reported in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to issue commands on the underlying operating system as the root user and allow IP access filters to be bypassed.

Target Audience: 

All IT administrators and individuals responsible for maintaining and updating Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC).

Risk Assessment:

High risk of data manipulation and service disruption.

Impact Assessment:

Potential impact on confidentiality, integrity, and availability of the system.

Description

1. Remote Code Execution Vulnerability ( CVE-2025-20283   CVE-2025-20284   )

These vulnerabilities exist due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by submitting a crafted API request.

Successful exploitation of these vulnerabilities could allow the attacker to execute commands as the root user.

2. Access Bypass Vulnerability ( CVE-2025-20285   )

This vulnerability exists due to improper enforcement of access controls that are configured using the IP Access Restriction feature. An attacker could exploit this vulnerability by logging in to the API from an unauthorized source IP address.

Successful exploitation of this vulnerability could allow the attacker to gain access to the targeted device from an IP address that should have been restricted.

Solution

Apply appropriate updates as mentioned in Cisco Advisory

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-3VpsXOxO

Vendor Information

CISCO

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-3VpsXOxO

References

CISCO

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multi-3VpsXOxO

CVE Name

CVE-2025-20283

CVE-2025-20284

CVE-2025-20285

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmiDlugACgkQ3jCgcSdc

ys/rKQ/+JaXU9DJqlYBQ0eEiQkwxnvWN7QAgkJg5x4glgRUxiilOeerVH14FLNXC

ZLk6tPTEY1Fqi8GVXl0J0EXrYdmum0ZAb2fIp3HFH26/FFaXiheonE+Ecrkf2ccK

UffYoCL0eBpuYXuCRk5InzJSloJ+A45EhzrYbyFSdsyiQ6dfrY/zJnb1NzEFLuod

cGZp2ObLukIuo5d7YmBh4d4hGmin7OGq73zftXDnIOq4epxxWg11f5Otm9FgF6r5

MnEr81aHW1+F7CHYjq0Rb8dinch7u7IkAubgBoBYvrqK+qiyxgjzItXghmvUfaty

gQHTdIc08kgWvciAkFLhDyOeCD4cm4eqY7zMZU1n715fZe8ha1qAzZnOucVFqs2Y

j7fCogWPdKZaRRQmPrAUl3hkSpmZHvIG33TSuwEQa5E+Qf5urxzh0qKBtgIQUc42

aysZNBWWUP3BG1jjxgJf8LzuVjyLbvCNZSSgHzVgY+sRp6CSFQSuc7rY0Y+C4f1q

UtnT2G3y/DhsTBuB36j6bP2DDiIuNiymO8fW+TMQsANtKWkD1ZMP1OvZlM6TWNnW

KI9ZOY7XWzTxGMX0v7Em1GMAnwQ28kjfrujNid1VbfjUPAionSSEwfrEYA6WSxHR

9KhDBiIIjLbtmCi91fuTHDZm+KzH12AkVKff5d0C+LFZKoaZOLA=

=v0ok

—–END PGP SIGNATURE—–