—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Multiple Vulnerabilities in Cisco Identity Services Engine

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: CRITICAL

Systems Affected

Cisco Identity Services Engine (ISE)

Cisco ISE Passive Identity Connector

Overview

Multiple vulnerabilities have been reported in the Cisco Identity Services Engine, which could allow an attacker to execute arbitrary code or unauthorized access to sensitive system files on the targeted system.

Target Audience:

All IT administrators and individuals responsible for maintaining and updating Cisco Identity Services Engine (ISE).

Risk Assessment:

High Risk of Remote code execution, elevation of privileges, or read arbitrary files.

Impact Assessment:

Successful exploitation could lead to complete system compromise, unauthorized file access, privilege escalation to root, or denial of service conditions on affected system.

Description

Cisco Identity Services Engine (ISE) is a network security platform that provides centralized authentication, authorization, and policy enforcement for secure access control across an organization¿s network.

These vulnerabilities exist in Cisco ISE due to insufficient validation and improper handling of user-supplied input in various components. An attacker could exploit these vulnerabilities by sending a specially crafted HTTP request on the targeted system.

Successful exploitation of these vulnerabilities could allow the attacker to execute arbitrary code or unauthorized access to sensitive system files on the targeted system.

Solution

Apply appropriate security updates as mentioned in CISCO advisory:

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-4fverepv

Vendor Information

CISCO

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-4fverepv

References

CISCO

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-4fverepv

CVE Name

CVE-2026-20180

CVE-2026-20186

CVE-2026-20147

CVE-2026-20148

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmnnkxUACgkQ3jCgcSdc

ys/e8A//fTTLtFGE5A69cJ2qxTE4U7TACwNBe6ilG48RI6a/U/beYUWNdWVLYj1V

twXX3JXF/DVWH/ZxJm1PFvxxxCCInhJw4vFajjSX33tX3rgAszgUYtV2C5L4xx43

QLLAC6taSFeRluPzvTyyBoE1LrEMvpW8Dghw7ou7VY+oLJSyd9T0A2RXO2YW/clI

yRXi2vPzXhPM5zKktB0o596dY8zrSwKV8Lv9o1MOkEVBXZx4xfWdcAGdQZ169VZj

jHkrWGq+uqiIrweaIDm9ierDQYlFLGy8JqH4EUilpyCl75clndodBcfdop5GuZNW

JLXasSWWlfPtQu8oEhD3Ny4JN+zi6jVoNknGU0XMvsae5v6TBeTtq9ZFJ+b48c1G

g5YYeods2r2+8mJqyGuUU3a1dlsSkqrdX9GkExG8l7wyYNmF6nUXjiop6OaTrwTK

k17IkL2pVHAQyxPhnfD5dJIoztGpI5akMEmI4QdLVNYRq+wD9uAMvxEwmZi2Tvy4

x4tPXk19ZDysnVZIdeiKNTTI7Q5cwmXv3mn3beZZU97JDZBuevBt9W0A0r6VUEck

Qx1eIXw+TQrxr365o+p4rTuC4sh39l1Jtie+xY434cBAx55UyqPDA440cZ1AgwO2

K9cp2qDKkwMilNBQsWYrD8043Zl6L35oHPQsa8hBifdLmvuLf7c=

=dVbl

—–END PGP SIGNATURE—–