- Cisco patched a maximum-severity flaw that impacts Identity Services Engine (ISE) and the ISE Passive Identity Connector
- The flaw allowed threat actors to execute arbitrary code on the underlying operating system
- It was patched in versions 3.3 and 3.4
A maximum-severity vulnerability was recently discovered and patched in Cisco Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC). The flaw allowed threat actors to execute arbitrary code, with high privileges, on the operating system of the devices running the tools.
ISE is a network policy management and access control platform that helps organizations centrally manage who and what can connect to their network. ISE-PIC, on the other hand, is a lightweight service that collects identity information about users and devices without requiring them to authenticate through traditional methods.
Both tools are typically used by enterprise IT and cybersecurity teams that manage large or complex network environments.
The importance of patching
Security researcher Kantaro Kawane, of GMO Cybersecurity, recently discovered an insufficient validation of user-supplied input vulnerability that could be exploited by submitting a crafted API request. No valid credentials are required to abuse the flaw.
It is tracked as CVE-2025-20337 and was given a severity score of 10/10 (critical). It affects versions 3.3 and 3.4 of the tools, regardless of device configuration. However, releases 3.2 and earlier are not affected.
Cisco addressed the flaw in these releases:
– Cisco ISE or ISE-PIC Release 3.3 (fixed in 3.3 Patch 7)
– Cisco ISE or ISE-PIC Release 3.4 (fixed in 3.4 Patch 2)
The good news is that there is no evidence that the vulnerability has been exploited in the wild by malicious actors. However, cybercriminals are known for attacking organizations only after a bug has been made public, since many entities do not rush to apply patches. By keeping hardware and software outdated, organizations leave their back doors open, and criminals get an easy way onto the premises.
Therefore, it would be a good practice to apply patches as soon as possible and prevent possible attacks.
Via The Hacker News