
""This vulnerability is due to improper parsing of XML that is processed by the web-based management interface of Cisco ISE and Cisco ISE-PIC," Cisco said in a Wednesday advisory. "An attacker could exploit this vulnerability by uploading a malicious file to the application." Successful exploitation of the shortcoming could allow an attacker with valid administrative credentials to read arbitrary files from the underlying operating system, which the company said should be off-limits even to administrators."
"Bobby Gould of Trend Micro Zero Day Initiative has been credited with discovering and reporting the flaw. It affects the following versions - Cisco ISE or ISE-PIC Release earlier than 3.2 - Migrate to a fixed release Cisco ISE or ISE-PIC Release 3.2 - 3.2 Patch 8 Cisco ISE or ISE-PIC Release 3.3 - 3.3 Patch 8 Cisco ISE or ISE-PIC Release 3.4 - 3.4 Patch 4 Cisco ISE or ISE-PIC Release 3.5 - Not vulnerable"
Cisco released updates to fix a medium-severity vulnerability (CVE-2026-20029, CVSS 4.9) in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC). The flaw stems from improper parsing of XML processed by the web-based management interface and can be triggered by uploading a malicious file. An authenticated remote attacker with administrative privileges could exploit the flaw to read arbitrary files from the underlying operating system, bypassing access restrictions that are intended to apply even to administrators. A public proof-of-concept exploit exists. Affected versions include releases earlier than 3.2 and releases 3.2 through 3.4 prior to their fixed patch levels; 3.5 is not vulnerable. No workarounds are available, so applying the fixed patch release is the only remediation.
Read at The Hacker News