Dark Reading

Cisco Discloses '10' Flaw in ISE, ISE-PIC — Patch Now

Networking vendor Cisco disclosed this week a critical vulnerability in one of its security policy products that was designated the highest severity rating possible. CVE-2025-20337 is a vulnerability ...
CSOonline

Cisco warns of critical API vulnerabilities in ISE and ISE-PIC

CSOs are being urged to quickly patch multiple vulnerabilities in Cisco Systems Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) that could allow an unauthenticated, ...
Hosted on MSN

Cisco fixes two critical make-me-root bugs on Identity Services Engine components

Cisco has dropped patches for a pair of critical vulnerabilities that could allow unauthenticated remote attackers to execute code on vulnerable systems.… Tracked as CVE-2025-20281 and CVE-2025-20282, ...
Bleeping Computer

Cisco warns of max severity RCE flaws in Identity Services Engine

Cisco has published a bulletin to warn about two critical, unauthenticated remote code execution (RCE) vulnerabilities affecting Cisco Identity Services Engine (ISE) and the Passive Identity Connector ...
CSOonline

Cisco warns of another critical RCE flaw in ISE, urges immediate patching

The newly disclosed flaw affects a specific API that suffers from insufficient input validation to allow unauthenticated RCE at the root. Cisco has dropped another maximum severity advisory detailing ...
Bleeping Computer

Cisco: Maximum-severity ISE RCE flaws now exploited in attacks

Cisco is warning that three recently patched critical remote code execution vulnerabilities in Cisco Identity Services Engine (ISE) are now being actively exploited in attacks. Although the vendor did ...
Infosecurity-magazine.com

CISA Warns of Exploited Critical Vulnerabilities in Cisco Identity Services Engine

The US Cybersecurity and Infrastructure Security Agency (CISA) added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog on July 28. These include two highly critical ...