CVE-2025-20283
published 2025-07-16CVE-2025-20283: A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on the underlying…
high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as root.
This vulnerability is due to insufficient validation of user-supplied input. An attacker with valid credentials could exploit this vulnerability by submitting a crafted API request. A successful exploit could allow the attacker to execute commands as the root user. To exploit this vulnerability, the attacker must have valid high-privileged credentials.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | cisco_identity_services_engine_software | — | — |
| cisco | cisco_identity_services_engine_software | — | — |
| cisco | cisco_identity_services_engine_software | — | — |
| cisco | cisco_identity_services_engine_software | — | — |
| cisco | cisco_identity_services_engine_software | — | — |
| cisco | cisco_identity_services_engine_software | — | — |
| cisco | cisco_identity_services_engine_software | — | — |
| cisco | cisco_identity_services_engine_software | — | — |
| cisco | cisco_identity_services_engine_software | — | — |
| cisco | identity_services_engine | < 3.3.0 | 3.3.0 |
| cisco | identity_services_engine | — | — |
| cisco | identity_services_engine | — | — |
| cisco | identity_services_engine_authenticated | — | — |
| cisco | identity_services_engine_passive_identity_connector | < 3.3.0 | 3.3.0 |
| cisco | identity_services_engine_passive_identity_connector | — | — |
| cisco | identity_services_engine_passive_identity_connector | — | — |