A critical vulnerability (CVE-2025-20337) in Cisco's Identity Services Engine (ISE) allows an unauthenticated attacker to store malicious files, execute arbitrary code, or gain root privileges on vulnerable devices. The vulnerability is due to insufficient user-supplied input validation checks and has a maximum severity rating of 10 out of 10. It affects Cisco ISE and ISE-PIC releases 3.3 and 3.4. The vulnerability was discovered by Kentaro Kawane from GMO Cybersecurity by Ierae and reported to Trend Micro's Zero Day Initiative (ZDI). System administrators are advised to take immediate action to mitigate the risks by upgrading to the specified patches.
TPRM report: https://scoringcyber.rankiteo.com/company/cisco
"id": "cis606071825",
"linkid": "cisco",
"type": "Vulnerability",
"date": "7/2025",
"severity": "100",
"impact": "3",
"explanation": "Attack with significant impact with internal employee data leaks"{'affected_entities': [{'industry': 'Technology',
'name': 'Cisco',
'type': 'Organization'}],
'attack_vector': 'Remote',
'description': "A critical vulnerability (CVE-2025-20337) in Cisco's Identity "
'Services Engine (ISE) could be exploited to let an '
'unauthenticated attacker store malicious files, execute '
'arbitrary code, or gain root privileges on vulnerable '
'devices.',
'impact': {'systems_affected': ['Cisco ISE and ISE-PIC versions 3.4 and 3.3']},
'post_incident_analysis': {'corrective_actions': ['Apply patches for '
'CVE-2025-20337'],
'root_causes': ['Insufficient user-supplied input '
'validation checks']},
'recommendations': ['System administrators should take immediate action to '
'mitigate risks',
'Ensure devices have enough memory before upgrading',
'Test and confirm current configurations for hardware and '
'software components'],
'response': {'remediation_measures': ['Upgrade to ISE 3.3 Patch 7 or ISE 3.4 '
'Patch 2']},
'title': 'Cisco ISE Critical Vulnerability (CVE-2025-20337)',
'type': 'Vulnerability',
'vulnerability_exploited': 'CVE-2025-20337'}