Cisco has released a security advisory addressing two vulnerabilities, affecting Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) .
- CVE-2025-20281 Cisco ISE API Unauthenticated Remote Code Execution Vulnerability CVE-2025-20281 is an ‘API unauthenticated remote code execution’ vulnerability with a CVSSv3 score of 9.8. Successful exploitation could allow a remote, unauthenticated attacker to send crafted API requests, leading to arbitrary code execution (ACE) on the underlying operating system with root privileges.
Read more…
Source: NHS Digital
Sign up for our Newsletter
The latest news and insights delivered right to your inbox.
Related:
- Cisco Warns of Critical Vulnerability Revealed in ‘Vault 7’ Data Dump
March 20, 2017
Cisco Systems warned customers on Friday of a critical vulnerability that could allow an attacker to execute arbitrary code and obtain full control on more than 300 different models of its switches and routers. Cisco said it became aware of the vulnerability after WikiLeaks released its Vault 7 cache of documents that revealed the existence ...

