Hosted on MSN

Cisco fixes two critical make-me-root bugs on Identity Services Engine components

Cisco has dropped patches for a pair of critical vulnerabilities that could allow unauthenticated remote attackers to execute code on vulnerable systems.… Tracked as CVE-2025-20281 and CVE-2025-20282, ...
CSOonline

Cisco warns of critical API vulnerabilities in ISE and ISE-PIC

CSOs are being urged to quickly patch multiple vulnerabilities in Cisco Systems Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) that could allow an unauthenticated, ...
SDxCentral

Cisco shares patches for critical Identity bugs

Cisco has released patches for two flaws on the Identity front. Marked as top-level severity, the vulnerabilities are tagged as CVE-2025-20281 and CVE-2025-20282. Both can be exploited for remote code ...
CSOonline

Cisco warns of another critical RCE flaw in ISE, urges immediate patching

The newly disclosed flaw affects a specific API that suffers from insufficient input validation to allow unauthenticated RCE at the root. Cisco has dropped another maximum severity advisory detailing ...
Bleeping Computer

Cisco: Maximum-severity ISE RCE flaws now exploited in attacks

Cisco is warning that three recently patched critical remote code execution vulnerabilities in Cisco Identity Services Engine (ISE) are now being actively exploited in attacks. Although the vendor did ...
Bleeping Computer

Cisco warns of max severity RCE flaws in Identity Services Engine

Cisco has published a bulletin to warn about two critical, unauthenticated remote code execution (RCE) vulnerabilities affecting Cisco Identity Services Engine (ISE) and the Passive Identity Connector ...
Infosecurity-magazine.com

CISA Warns of Exploited Critical Vulnerabilities in Cisco Identity Services Engine

The US Cybersecurity and Infrastructure Security Agency (CISA) added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog on July 28. These include two highly critical ...