{"id":2390,"date":"2025-06-26T16:24:00","date_gmt":"2025-06-26T13:24:00","guid":{"rendered":"https:\/\/trustcrypt.com\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges\/"},"modified":"2025-06-26T16:24:00","modified_gmt":"2025-06-26T13:24:00","slug":"severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges","status":"publish","type":"post","link":"https:\/\/trustcrypt.com\/ar\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges\/","title":{"rendered":"Severe Remote Code Execution Vulnerabilities in Cisco ISE and ISE-PIC Enable Unauthenticated Access to Root Privileges"},"content":{"rendered":"<p>Cisco has released updates to address two critical-severity security vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), which could allow unauthenticated attackers to execute arbitrary commands with root privileges.<\/p>\n<p>The vulnerabilities, tracked as CVE-2025-20281 and CVE-2025-20282, both carry a CVSS score of 10.0. The detailed descriptions of these vulnerabilities are as follows:<\/p>\n<ul>\n<li>\n<p><strong>CVE-2025-20281<\/strong>: This unauthenticated remote code execution vulnerability affects Cisco ISE and ISE-PIC versions 3.3 and later. It could enable an unauthenticated remote attacker to execute arbitrary code on the underlying operating system with root privileges.<\/p>\n<\/li>\n<li>\n<p><strong>CVE-2025-20282<\/strong>: This vulnerability, impacting Cisco ISE and ISE-PIC release 3.4, allows an unauthenticated remote attacker to upload arbitrary files to an affected device and execute those files on the underlying operating system with root privileges.<\/p>\n<\/li>\n<\/ul>\n<p>CVE-2025-20281 arises from insufficient validation of user-supplied input. 
An attacker can exploit this by sending a crafted API request, gaining elevated privileges to execute commands. CVE-2025-20282, by contrast, results from inadequate file validation checks, which fail to prevent uploaded files from being saved in privileged directories. A successful exploit could allow attackers to store malicious files on the affected system, leading to arbitrary code execution or root access.<\/p>\n<p>Cisco has indicated that no workarounds are available to mitigate these vulnerabilities. The issues have been resolved in the following firmware versions:<\/p>\n<ul>\n<li>\n<strong>CVE-2025-20281<\/strong>: Fixed in Cisco ISE or ISE-PIC 3.3 Patch 6 and 3.4 Patch 2.<\/li>\n<li>\n<strong>CVE-2025-20282<\/strong>: Fixed in Cisco ISE or ISE-PIC 3.4 Patch 2.<\/li>\n<\/ul>\n<p>The identification of CVE-2025-20281 is credited to Bobby Gould of Trend Micro Zero Day Initiative, along with Kentaro Kawane of GMO Cybersecurity. Kawane has also been recognized for reporting CVE-2025-20282.<\/p>\n<p>While there is currently no evidence of these vulnerabilities being exploited in the wild, it is imperative for users to apply the available patches promptly to protect against potential risks.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Cisco has released updates to address two critical-severity security vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity&#8230;<\/p>\n","protected":false},"author":1,"featured_media":2391,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"Default","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[28],"tags":[167,79,148],"class_list":["post-2390","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog","tag-patches","tag-security","tag-vulnerabilities"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v25.0 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ 
-->\n<title>Severe Remote Code Execution Vulnerabilities in Cisco ISE and ISE-PIC Enable Unauthenticated Access to Root Privileges - Trustcrypt<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/trustcrypt.com\/ar\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges\/\" \/>\n<meta property=\"og:locale\" content=\"ar_AR\" \/>\n<meta property=\"og:locale:alternate\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Severe Remote Code Execution Vulnerabilities in Cisco ISE and ISE-PIC Enable Unauthenticated Access to Root Privileges\" \/>\n<meta property=\"og:description\" content=\"Cisco has released updates to address two critical-severity security vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/trustcrypt.com\/ar\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges\/\" \/>\n<meta property=\"og:site_name\" content=\"Trustcrypt\" \/>\n<meta property=\"article:published_time\" content=\"2025-06-26T13:24:00+00:00\" \/>\n<meta name=\"author\" content=\"Trustscrypt\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u0643\u064f\u062a\u0628 \u0628\u0648\u0627\u0633\u0637\u0629\" \/>\n\t<meta name=\"twitter:data1\" content=\"Trustscrypt\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u0648\u0642\u062a \u0627\u0644\u0642\u0631\u0627\u0621\u0629 \u0627\u0644\u0645\u064f\u0642\u062f\u0651\u0631\" \/>\n\t<meta name=\"twitter:data2\" content=\"\u062f\u0642\u064a\u0642\u062a\u0627\u0646\" \/>\n<script type=\"application\/ld+json\" 
class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/trustcrypt.com\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges\/\",\"url\":\"https:\/\/trustcrypt.com\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges\/\",\"name\":\"Severe Remote Code Execution Vulnerabilities in Cisco ISE and ISE-PIC Enable Unauthenticated Access to Root Privileges\",\"isPartOf\":{\"@id\":\"https:\/\/trustcrypt.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/trustcrypt.com\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/trustcrypt.com\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/trustcrypt.com\/wp-content\/uploads\/2025\/06\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges.webp\",\"datePublished\":\"2025-06-26T13:24:00+00:00\",\"author\":{\"@id\":\"https:\/\/trustcrypt.com\/#\/schema\/person\/469b1cf97b9f7ea4e4d7fa31689dfa9f\"},\"inLanguage\":\"ar\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/trustcrypt.com\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"ar\",\"@id\":\"https:\/\/trustcrypt.com\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges\/#primaryimage\",\"url\":\"https:\/\/trustcrypt.com\/wp-content\/uploads\/2025\/06\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges.webp\",\
"contentUrl\":\"https:\/\/trustcrypt.com\/wp-content\/uploads\/2025\/06\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges.webp\",\"width\":1792,\"height\":1024,\"caption\":\"Severe Remote Code Execution Vulnerabilities in Cisco ISE and ISE-PIC Enable Unauthenticated Access to Root Privileges\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/trustcrypt.com\/#website\",\"url\":\"https:\/\/trustcrypt.com\/\",\"name\":\"Trustcrypt\",\"description\":\"\u0627\u0644\u0623\u0645\u0646 \u0647\u0648 \u0627\u0633\u0645\u0646\u0627 \u0627\u0644\u062b\u0627\u0646\u064a\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/trustcrypt.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"ar\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/trustcrypt.com\/#\/schema\/person\/469b1cf97b9f7ea4e4d7fa31689dfa9f\",\"name\":\"Trustscrypt\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"ar\",\"@id\":\"https:\/\/trustcrypt.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4c36ff3376565a0f4981e9397667feb08d5e09acacce32a52ea4a3f628e03692?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4c36ff3376565a0f4981e9397667feb08d5e09acacce32a52ea4a3f628e03692?s=96&d=mm&r=g\",\"caption\":\"Trustscrypt\"},\"sameAs\":[\"http:\/\/trustcrypt.com\"],\"url\":\"https:\/\/trustcrypt.com\/ar\/author\/trustscrypt\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Severe Remote Code Execution Vulnerabilities in Cisco ISE and ISE-PIC Enable Unauthenticated Access to Root Privileges - Trustcrypt","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/trustcrypt.com\/ar\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges\/","og_locale":"ar_AR","og_type":"article","og_title":"[:en]Severe Remote Code Execution Vulnerabilities in Cisco ISE and ISE-PIC Enable Unauthenticated Access to Root Privileges[:] - Trustcrypt","og_description":"Cisco has released updates to address two critical-severity security vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity...","og_url":"https:\/\/trustcrypt.com\/ar\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges\/","og_site_name":"Trustcrypt","article_published_time":"2025-06-26T13:24:00+00:00","author":"Trustscrypt","twitter_card":"summary_large_image","twitter_misc":{"\u0643\u064f\u062a\u0628 \u0628\u0648\u0627\u0633\u0637\u0629":"Trustscrypt","\u0648\u0642\u062a \u0627\u0644\u0642\u0631\u0627\u0621\u0629 \u0627\u0644\u0645\u064f\u0642\u062f\u0651\u0631":"\u062f\u0642\u064a\u0642\u062a\u0627\u0646"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/trustcrypt.com\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges\/","url":"https:\/\/trustcrypt.com\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges\/","name":"Severe Remote Code Execution Vulnerabilities in Cisco ISE and ISE-PIC Enable Unauthenticated Access to Root 
Privileges","isPartOf":{"@id":"https:\/\/trustcrypt.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/trustcrypt.com\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges\/#primaryimage"},"image":{"@id":"https:\/\/trustcrypt.com\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges\/#primaryimage"},"thumbnailUrl":"https:\/\/trustcrypt.com\/wp-content\/uploads\/2025\/06\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges.webp","datePublished":"2025-06-26T13:24:00+00:00","author":{"@id":"https:\/\/trustcrypt.com\/#\/schema\/person\/469b1cf97b9f7ea4e4d7fa31689dfa9f"},"inLanguage":"ar","potentialAction":[{"@type":"ReadAction","target":["https:\/\/trustcrypt.com\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges\/"]}]},{"@type":"ImageObject","inLanguage":"ar","@id":"https:\/\/trustcrypt.com\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges\/#primaryimage","url":"https:\/\/trustcrypt.com\/wp-content\/uploads\/2025\/06\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges.webp","contentUrl":"https:\/\/trustcrypt.com\/wp-content\/uploads\/2025\/06\/severe-remote-code-execution-vulnerabilities-in-cisco-ise-and-ise-pic-enable-unauthenticated-access-to-root-privileges.webp","width":1792,"height":1024,"caption":"Severe Remote Code Execution Vulnerabilities in Cisco ISE and ISE-PIC Enable Unauthenticated Access to Root Privileges"},{"@type":"WebSite","@id":"https:\/\/trustcrypt.com\/#website","url":"https:\/\/trustcrypt.com\/","name":"Trustcrypt","description":"\u0627\u0644\u0623\u0645\u0646 \u0647\u0648 \u0627\u0633\u0645\u0646\u0627 
\u0627\u0644\u062b\u0627\u0646\u064a","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/trustcrypt.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"ar"},{"@type":"Person","@id":"https:\/\/trustcrypt.com\/#\/schema\/person\/469b1cf97b9f7ea4e4d7fa31689dfa9f","name":"Trustscrypt","image":{"@type":"ImageObject","inLanguage":"ar","@id":"https:\/\/trustcrypt.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/4c36ff3376565a0f4981e9397667feb08d5e09acacce32a52ea4a3f628e03692?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4c36ff3376565a0f4981e9397667feb08d5e09acacce32a52ea4a3f628e03692?s=96&d=mm&r=g","caption":"Trustscrypt"},"sameAs":["http:\/\/trustcrypt.com"],"url":"https:\/\/trustcrypt.com\/ar\/author\/trustscrypt\/"}]}},"_links":{"self":[{"href":"https:\/\/trustcrypt.com\/ar\/wp-json\/wp\/v2\/posts\/2390","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/trustcrypt.com\/ar\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/trustcrypt.com\/ar\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/trustcrypt.com\/ar\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/trustcrypt.com\/ar\/wp-json\/wp\/v2\/comments?post=2390"}],"version-history":[{"count":0,"href":"https:\/\/trustcrypt.com\/ar\/wp-json\/wp\/v2\/posts\/2390\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/trustcrypt.com\/ar\/wp-json\/wp\/v2\/media\/2391"}],"wp:attachment":[{"href":"https:\/\/trustcrypt.com\/ar\/wp-json\/wp\/v2\/media?parent=2390"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/trustcrypt.com\/ar\/wp-json\/wp\/v2\/categories?post=2390"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/trustcrypt.com\/ar\/wp-json\/wp\/v2\/tags?post=2390"}],"curies":[{"name":"wp","href":"h
ttps:\/\/api.w.org\/{rel}","templated":true}]}}