CVE-2025-20281

Name of the Vulnerable Software and Affected Versions Cisco ISE and Cisco ISE-PIC versions 3.3 and later Cisco ISE versions prior to 3.3 Patch 7 Cisco ISE versions prior to 3.4 Patch 2

Description A vulnerability exists in a specific API within Cisco ISE and Cisco ISE-PIC due to insufficient validation of user-supplied input. This allows an unauthenticated, remote attacker to execute arbitrary code on the underlying operating system with root privileges. The vulnerability is exploitable by submitting a crafted API request. This issue is actively being exploited in attacks. A detailed exploit chain has been published, demonstrating the vulnerability's impact. The vulnerability affects devices regardless of configuration. An estimated number of potentially affected devices worldwide is not available.

API Endpoints: The specific API endpoint is not explicitly mentioned. Vulnerable Parameters or Variables: User-supplied input is the vulnerable parameter.

Recommendations Update Cisco ISE to version 3.3 Patch 7 or later. Update Cisco ISE-PIC to version 3.4 Patch 2 or later.