PT-2025-26847 · Cisco · Cisco ISE +1

Bobby Gould +1 · Published 2025-06-25 · Updated 2025-09-05 · CVE-2025-20281

CVSS v3.1: 10
Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

**Name of the Vulnerable Software and Affected Versions:**

Cisco ISE and Cisco ISE-PIC versions 3.3 and later.

**Description:**

A specific API of Cisco ISE and Cisco ISE-PIC insufficiently validates user-supplied input. An unauthenticated, remote attacker can send crafted API requests to execute arbitrary code and commands on the underlying operating system as root, without any valid credentials. The vulnerability has been actively exploited, and a complete exploit chain has been published.

**Recommendations:**

Cisco ISE and Cisco ISE-PIC versions 3.3 and later: Update to 3.3 Patch 7 or 3.4 Patch 2.

Exploit

Fix

RCE

Special Elements Injection

Weakness Enumeration

Related Identifiers

BDU:2025-08248
CVE-2025-20281
ZDI-25-609

Affected Products

Cisco ISE
Cisco ISE-PIC