Arbitrary File Upload Vulnerability in Cisco ISE and ISE-PIC
CVE-2025-20282
What is CVE-2025-20282?
A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC allows unauthenticated remote attackers to upload arbitrary files to the system. The flaw is caused by insufficient validation checks during the file upload process, which allow malicious files to be placed in privileged directories. An attacker who exploits this vulnerability can execute these files, gaining root-level access to the system and potentially compromising its integrity.
Affected Version(s)
Cisco Identity Services Engine Software 3.4.0
Cisco Identity Services Engine Software 3.4 Patch 1
News Articles
Critical Cisco ISE Vulnerabilities Actively Exploited in RCE Attacks
Cisco has issued a critical security advisory warning of multiple unauthenticated remote code execution vulnerabilities in its Identity Services Engine (ISE).
2 weeks ago
Cisco Warns of Identity Services Engine RCE Vulnerability Exploited in the Wild
Cisco Systems has issued a critical security advisory warning of multiple remote code execution vulnerabilities in its Identity Services Engine (ISE) that are being actively exploited by attackers in the wild.
2 weeks ago
Critical Vulnerabilities in Cisco Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC)
Cisco has released security updates addressing multiple critical vulnerabilities in their ISE and ISE-PIC. Users and administrators of affected products are…
Timeline
- First article discovered by SecurityWeek
- Exploit known to exist
- Vulnerability published
- Vulnerability reserved