CVE-2025-20282: Improper Privilege Management in Cisco Identity Services Engine Software

Severity: 10.0 CRITICAL (NVD)
EPSS: 0.3% (top 47.20%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jun 25; latest update Jun 26

Description

A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root. This vulnerability is due to a lack of file validation checks that would prevent uploaded files from being placed in privileged directories on an affected system. An attacker could exploit this vulnerability by uploading a crafted file to the affected device. A succe

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H (Exploitability: 3.9 | Impact: 6.0)

🔴 Vulnerability Details (3)

GHSA: GHSA-w8p2-wjjr-hr24: A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affe (2025-06-26)
CVEList: Cisco ISE API Unauthenticated Remote Code Execution Vulnerability (2025-06-25)
VulnCheck: Cisco Identity Services Engine Improper Privilege Management (2025)

📋 Vendor Advisories (1)

Cisco: Cisco Identity Services Engine Unauthenticated Remote Code Execution Vulnerabilities (2025-06-25)

🕵️ Threat Intelligence (1)

Bleepingcomputer: Cisco warns of max severity RCE flaws in Identity Services Engine (2025-06-26)
CVE-2025-20282 — Improper Privilege Management in Cisco | cvebase