- Cisco launches the solution for two defects in the identity services engine
- Failures allowed the execution of the remote code, the former confidential data and more
- The first clean version of Identity Services Engine is 3.4
Cisco has launched patches for two critical severity vulnerabilities that affect its identity service motor solution (ISE). Since they can abuse defects to execute arbitrary commands and steal confidential information, Cisco urged its users to apply corrections as soon as possible.
In a security notice, the giant of the networks first said that it poured a vulnerability of “deerialization of the java currents supplied by the user” tracked as CVE-2025-20124, and given a gravity score of 9.9/ 10 (critic). When sending a customary java object to an affected Cisco Ise API, an attacker could execute arbitrary commands and raise privileges.
The second defect is an authentication derivation error, which occurs since an API did not perform authorization verifications, or data provided by the user correctly validated. A threat actor could send a malicious HTTP request to the API on the device to activate it. This error is tracked as CVE-2025-20125, and was given a gravity score of 9.1/10 (critic).
Authentication is required
While these defects sound dangerous, they are not so easy to exploit. Cisco said the threat actors would still have to be authenticated, and with a reading administration account.
In fact, that means that withdrawing the attack is much more difficult, but it is not yet impossible. As The registration Correctly affirmed, cybercriminals can phish for login credentials, or simply buy them in the black market.
“It is worth noting that the NCC group blamed last year’s increase in ransomware attacks in part of the credentials committed, so it is not that these are too difficult to obtain. Dishonest experts can also abuse these holes, of course, ”said the publication.
In any case, Cisco has already come out with solutions, so the patch must be done as soon as possible. It was said that versions 3.0 – 3.3 were vulnerable, so users must ensure that they bring their software to version 3.4, at least. The good news is that there is still no evidence of abuse in nature.
Through The registration
