Cisco News Articles

Second Tea data breach exposes user chats.

PoC exploit published for maximum-severity Cisco ISE flaw. CISA warns of PaperCut vulnerability exploitation.

2 weeks ago

Two 10.0 Cisco ISE bugs added to CISA list of exploited vulnerabilities

Security teams should patch right away because exploiting ISE lets attackers gain full control of an enterprise network.

2 weeks ago

CISA Adds Three Known Exploited Vulnerabilities to Catalog | CISA

CISA has added three new vulnerabilities to its KEV Catalog, based on evidence of active exploitation

2 weeks ago

U.S. CISA adds Cisco ISE and PaperCut NG/MF flaws to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Cisco ISE and PaperCut flaws to its Known Exploited Vulnerabilities catalog.

2 weeks ago

Exploit available for critical Cisco ISE bug exploited in attacks

Security researcher Bobby Gould has published a blog post demonstrating a complete exploit chain for CVE-2025-20281, an unauthenticated remote code execution vulnerability in Cisco Identity Services Engine (ISE).

2 weeks ago

Cisco confirms active exploitation of ISE and ISE-PIC flaws

Cisco warns of active exploits targeting Identity Services Engine (ISE) and ISE-PIC flaws, first observed in July 2025.

3 weeks ago

Cisco warns of attempted exploitation of max severity ISE flaws

Three separate flaws could each enable unauthenticated RCE with root privileges.

3 weeks ago

Critical Cisco ISE Vulnerabilities Actively Exploited in RCE Attacks

Cisco has issued a critical security advisory warning of multiple unauthenticated remote code execution vulnerabilities in its Identity Services Engine (ISE).

3 weeks ago

Cisco Alerts on ISE RCE Vulnerability Actively Exploited

Cisco has issued an urgent security advisory warning that a set of critical remote code execution (RCE) vulnerabilities.

3 weeks ago

Cisco Warns of Identity Services Engine RCE Vulnerability Exploited in the Wild

Cisco Systems has issued a critical security advisory warning of multiple remote code execution vulnerabilities in its Identity Services Engine (ISE) that are being actively exploited by attackers in the wild.

3 weeks ago

Cisco Updates Advisory with Additional Maximum Severity Unauthenticated RCE in ISE and ISE-PIC I Arctic Wolf

On July 16, 2025, Cisco updated its advisory to include a third maximum-severity vulnerability affecting Cisco Identity Services Engine (ISE) and ISE-Passive Identity Connector (ISE-PIC), tracked as CVE-2025-20337.

4 weeks ago

Cisco Updates Advisory with Additional Maximum Severity Unauthenticated RCE in ISE and ISE-PIC I Arctic Wolf

On July 16, 2025, Cisco updated its advisory to include a third maximum-severity vulnerability affecting Cisco Identity Services Engine (ISE) and ISE-Passive Identity Connector (ISE-PIC), tracked as CVE-2025-20337.

4 weeks ago

Cisco CVE-2025-20337 & ISE-PIC Vulnerabilities Uncovered

Cisco warns CVE-2025-20337, CVE-2025-20281, and CVE-2025-20282 flaws in ISE and ISE-PIC.

4 weeks ago

Cisco Discloses '10' Flaw in ISE, ISE-PIC — Patch Now

Cisco just disclosed a critical severity flaw in its ISE and ISE-PIC products, joining two similar bugs disclosed last month.

4 weeks ago

Watch out, another max-severity Cisco bug on the loose

Cisco has issued a patch for a critical 10 out of 10 severity bug in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) that could allow an unauthenticated, remote attacker to run...

4 weeks ago

Chinese hackers breached National Guard to steal network configurations

The Chinese state-sponsored hacking group known as Salt Typhoon breached and remained undetected in a U.S. Army National Guard network for nine months in 2024, stealing network configuration files and administrator credentials that could be used to compromise other government networks.

4 weeks ago

Max severity Cisco ISE bug allows pre-auth command execution, patch now

A critical vulnerability (CVE-2025-20337) in Cisco's Identity Services Engine (ISE) could be exploited to let an unauthenticated attacker store malicious files, execute arbitrary code, or gain root privileges on vulnerable devices.

4 weeks ago

Cisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 Severity

Cisco warns of CVE-2025-20337, a critical ISE flaw (CVSS 10) allowing remote code execution with root privileges.

4 weeks ago

Cisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root Code

Cisco's CVE-2025-20337 flaw exposes ISE to root access via API exploit. Affects releases 3.3 & 3.4.

4 weeks ago

Critical Vulnerabilities in Cisco Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC)

Cisco has released security updates addressing multiple critical vulnerabilities in their ISE and ISE-PIC. Users and administrators of affected products are…

CVE-2025-20309: Cisco Unified Communications Manager Static SSH Credentials Maximum Severity Vulnerability | Arctic Wolf

Cisco released a security advisory detailing a maximum severity vulnerability (CVE-2025-20309) in Cisco Unified Communications Manager and Unified Communications Manager SME Engineering Special, caused by hard-coded root SSH credentials that cannot be changed or removed.

Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309) - Help Net Security

Cisco has found hardcoded default credentials (CVE-2025-20309) in its Cisco Unified Communications Manager platform.

Cisco Patches Critical CVE-2025-20309 Root Access Flaw

CVE-2025-20309 exposes Cisco Unified CM to remote root access via static credentials. No workaround exists—patch or upgrade now.

Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials

CVE-2025-20309 in Cisco Unified CM could grant root access, allowing arbitrary command execution.

Cisco warns that Unified CM has hardcoded root SSH credentials

Cisco has removed a backdoor account from its Unified Communications Manager (Unified CM), which would have allowed remote attackers to log in to unpatched devices with root privileges.

Critical Vulnerabilities in Cisco Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC)

Cisco has released security updates addressing multiple critical vulnerabilities in their ISE and ISE-PIC. Users and administrators of affected products are…

Cisco fixes two critical make-me-root bugs

Cisco has dropped patches for a pair of critical vulnerabilities that could allow unauthenticated remote attackers to execute code on vulnerable systems. Tracked as CVE-2025-20281 and CVE-2025-20282, Cisco...

Cisco warns of max severity RCE flaws in Identity Services Engine

Cisco has published a bulletin to warn about two critical, unauthenticated remote code execution (RCE) vulnerabilities affecting Cisco Identity Services Engine (ISE) and the Passive Identity Connector (ISE-PIC).

Critical RCE Flaws in Cisco ISE and ISE-PIC Allow Unauthenticated Attackers to Gain Root Access

Cisco fixes CVE-2025-20281 and CVE-2025-20282 in ISE, ISE-PIC to prevent remote code execution.

Cisco ISE Vulnerability Allows Remote Attackers to Execute Malicious Command

Cisco has issued urgent security patches addressing two critical vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC) platforms.

Cisco fixed critical ISE flaws allowing Root-level RCE

Cisco released patches to fix two critical vulnerabilities in Cisco ISE and ISE-PIC that could let remote attackers execute to code as root

Critical Cisco ISE Vulnerabilities Allow Remote Code Execution 

Two critical vulnerabilities in Cisco ISE could allow remote attackers to execute arbitrary code with root privileges.

ClamAV® blog

Today, we are publishing the 1.4.3 and 1.0.9 security patch versions. We have also added Linux aarch64 (aka ARM64) RPM and DEB installer packages for the 1.4 LTS release.The release files for the patch...

Canada Latest Nation Targeted in Salt Typhoon Telecom Spree

The Canadian Center for Cybersecurity has confirmed that the Chinese state-sponsored cyber-threat actor targeted one of its telecommunications companies in February via a Cisco flaw, as part of global attack wave.

China-linked Salt Typhoon Exploits Critical Cisco Vulnerability to Target Canadian Telecom

Chinese Salt Typhoon actors exploit Cisco vulnerability to target global telecom providers, including Canadian devices (CVE-2023-20198).

Canada says Salt Typhoon hacked telecom firm via Cisco flaw

The Canadian Centre for Cyber Security and the FBI confirm that the Chinese state-sponsored 'Salt Typhoon' hacking group is also targeting Canadian telecommunication firms, breaching a telecom provider in February.

ClamAV 1.4.3 and 1.0.9 Released With Fix for Vulnerabilities that Enable Remote Code Execution

Multiple high-severity vulnerabilities, including a dangerous buffer overflow capable of remote code execution, have been fixed in critical security updates released.

Critical Vulnerability in Cisco ISE

Cisco has released security updates addressing a critical vulnerability (CVE-2025-20286) in its Identity Services Engine (ISE).

Exploitation Risk Grows for Critical Cisco Bug

New details on the Cisco IOS XE vulnerability could help attackers develop a working exploit soon, researchers say.

Experts published a detailed analysis of Cisco IOS XE WLC flaw CVE-2025-20188

Technical details about a critical Cisco IOS XE WLC flaw (CVE-2025-20188) are now public, raising the risk of a working exploit emerging soon.

Exploit details for max severity Cisco IOS XE flaw now public

Technical details about a maximum-severity Cisco IOS XE WLC arbitrary file upload flaw tracked as CVE-2025-20188 have been made publicly available, bringing us closer to a working exploit.

ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices

ViciousTrap exploited CVE-2023-20118 to hijack 5,300 routers, building a honeypot-style spy network.

Cisco patches maximum severity vulnerability in IOS XE Software

A hard-coded JSON Web Token could allow a remote attacker to upload files with root privileges.

Cisco patches maximum severity vulnerability in IOS XE Software

A hard-coded JSON Web Token could allow a remote attacker to upload files with root privileges.

Cisco fixes max severity IOS XE flaw letting attackers hijack devices

Cisco has fixed a maximum severity flaw in IOS XE Software for Wireless LAN Controllers by a hard-coded JSON Web Token (JWT) that allows an unauthenticated remote attacker to take over devices.

Cisco Patches CVE-2025-20188 In IOS XE Wireless Controller

Cisco fixes CVE-2025-20188, a critical 10.0 CVSS flaw in IOS XE Wireless Controller, allowing remote root exploits via hard-coded JWT.

NVD - CVE-2025-20188

Description A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an...

Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT

Cisco fixes CVE-2025-20188, a 10.0 CVSS flaw tied to hardcoded JWT in wireless controllers, preventing root-level remote exploits.