Cisco plugs two Identity Services Engine security holes
Briefly

Cisco has addressed two severe vulnerabilities in its Identity Services Engine (ISE), rated at 9.9 and 9.1 severity. These flaws could potentially allow an authenticated remote attacker to execute commands as root or access sensitive information with valid read-only administrative credentials. Both vulnerabilities impact ISE versions 3.0 to 3.3 and have patches available, while version 3.4 is unaffected. There are no known exploits in the wild, but organizations are urged to upgrade affected systems to safeguard against potential attacks, particularly given the history of ransomware linked to compromised credentials.
The first flaw, CVE-2025-20124, stems from the insecure deserialization of user-supplied Java byte streams in Cisco ISE, which is network access control software that enforces security policies and manages endpoints across enterprises' IT environments.
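The defect class named above, insecure deserialization of attacker-supplied Java byte streams, comes down to `ObjectInputStream.readObject()` instantiating whatever classes the incoming stream names. The following is an added illustration, not code from Cisco ISE or from The Register's article: it serializes one expected type and one unexpected type, shows that an unfiltered stream reconstructs both, and then applies a JEP 290 allowlist filter so that only the expected class is accepted. Class and method names (`Greeting`, `readUnfiltered`, `readFiltered`) are made up for this example; it requires Java 9 or later.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InvalidClassException;
import java.io.ObjectInputFilter;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.util.ArrayList;

public class DeserializationFilterDemo {

    // The one type this hypothetical service expects to receive (constructed for the example).
    // A primitive field keeps the filter decision down to this single class.
    static final class Greeting implements Serializable {
        private static final long serialVersionUID = 1L;
        final int count;
        Greeting(int count) { this.count = count; }
    }

    // Serialize any object to bytes; stands in for data arriving from a remote client.
    static byte[] toBytes(Object o) throws IOException {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        try (ObjectOutputStream oos = new ObjectOutputStream(bos)) {
            oos.writeObject(o);
        }
        return bos.toByteArray();
    }

    // Weak pattern: readObject() instantiates every class the byte stream names,
    // so the sender decides which classes (and their readObject hooks) run here.
    static Object readUnfiltered(byte[] data) throws IOException, ClassNotFoundException {
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(data))) {
            return ois.readObject();
        }
    }

    // Hardened pattern: an allowlist filter (JEP 290) names the single permitted class
    // and rejects everything else ("!*") before any constructor or readObject runs.
    static Object readFiltered(byte[] data) throws IOException, ClassNotFoundException {
        ObjectInputFilter allowlist = ObjectInputFilter.Config.createFilter(
                Greeting.class.getName() + ";!*");
        try (ObjectInputStream ois = new ObjectInputStream(new ByteArrayInputStream(data))) {
            ois.setObjectInputFilter(allowlist);
            return ois.readObject();
        }
    }

    public static void main(String[] args) throws Exception {
        byte[] expected = toBytes(new Greeting(3));
        ArrayList<Integer> unexpectedPayload = new ArrayList<>();   // any non-allowlisted class
        unexpectedPayload.add(42);
        byte[] unexpected = toBytes(unexpectedPayload);

        // Unfiltered: both streams are reconstructed, whatever type they carry.
        System.out.println("unfiltered, expected type:   " + readUnfiltered(expected).getClass().getName());
        System.out.println("unfiltered, unexpected type: " + readUnfiltered(unexpected).getClass().getName());

        // Filtered: the expected class still loads; the unexpected one is refused.
        System.out.println("filtered, expected type:     " + readFiltered(expected).getClass().getName());
        try {
            readFiltered(unexpected);
            System.out.println("filtered, unexpected type:   ACCEPTED (should not happen)");
        } catch (InvalidClassException e) {
            System.out.println("filtered, unexpected type:   rejected (" + e.getMessage() + ")");
        }
    }
}
```

The filter string `<class>;!*` allows exactly one class and rejects all others; a real service would list every type it legitimately exchanges and can also add resource limits such as `maxdepth=` and `maxarray=` in the same pattern string. The same filter can be installed process-wide with `ObjectInputFilter.Config.setSerialFilter(...)` or the `jdk.serialFilter` system property, which is the safer default when a code base has many deserialization call sites.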
Assuming a miscreant can steal or buy these admin logins, they can essentially fully and quietly take over your equipment even after you think you've managed to keep them out.
Read at The Register