Critical Vulnerabilities in Cisco Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC)

26 June 2025

Cisco has released security updates addressing multiple critical vulnerabilities in their ISE and ISE-PIC. Users and administrators of affected products are advised to update to the latest versions.

Background

Cisco has released security updates addressing multiple critical vulnerabilities (CVE-2025-20281 and CVE-2025-20282) in their Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC).

Impact

The vulnerabilities are:

CVE-2025-20281: Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to perform arbitrary code execution with root privileges. The vulnerability has a Common Vulnerability Scoring System (CVSSv3.1) score of 9.8 out of 10.
CVE-2025-20282: Successful exploitation of the vulnerability could allow an unauthenticated, remote attacker to upload and execute malicious files on the vulnerable product with root privileges. The vulnerability has a Common Vulnerability Scoring System (CVSSv3.1) score of 10 out of 10.

Affected Products

The critical vulnerabilities affect the following products:

CVE-2025-20281

Cisco ISE versions 3.3 and 3.4
Cisco ISE-PIC versions 3.3 and 3.4

CVE-2025-20282

Cisco ISE version 3.4
Cisco ISE-PIC version 3.4

Mitigation Measures

Users and administrators of affected products are advised to update to the latest versions.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6

https://nvd.nist.gov/vuln/detail/CVE-2025-20281

https://nvd.nist.gov/vuln/detail/CVE-2025-20282

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Critical Vulnerabilities in Cisco Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC)

Reach us