- Description
- A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain RADIUS requests. An attacker could exploit this vulnerability by sending a specific authentication request to a network access device (NAD) that uses Cisco ISE for authentication, authorization, and accounting (AAA). A successful exploit could allow the attacker to cause Cisco ISE to reload.
- Source
- psirt@cisco.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 8.6
- Impact score
- 4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
- Severity
- HIGH
- psirt@cisco.com
- CWE-125
- Hype score
- Not currently trending
Cisco、ISEおよび統合管理製品に深刻な脆弱性を修正(CVE-2025-20152,CVE-2025-20113) #セキュリティ対策Lab #セキュリティ #Security https://t.co/02TIXQZees
@securityLab_jp
27 May 2025
30 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco Identity Services Engine RADIUS Denial of Service Vulnerability (CVE-2025-20152) #Cisco #CiscoIdentityServicesEngine #CVE202520152 #CyberSecurity https://t.co/YLNQlsyBkJ https://t.co/eS9asXuMUc
@SystemTek_UK
23 May 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Vulnerabilidades corregidas en productos de Cisco ❗CVE-2025-20152 ❗CVE-2025-20113 ➡️Más info: https://t.co/fPuCM36TC7 https://t.co/2sJaRANYn2
@CERTpy
22 May 2025
125 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Ciscoは、Identity Services Engine(ISE)における高深刻度の脆弱性(CVE-2025-20152)を公表した。認証不要のリモート攻撃によりサービス拒否(DoS)を引き起こす恐れがある。
@yousukezan
22 May 2025
3224 Impressions
0 Retweets
7 Likes
1 Bookmark
0 Replies
0 Quotes
Cisco patches reveal high-severity flaws in ISE & Unified Intelligence Center, including DoS (CVE-2025-20152) and privilege escalation risks. No active exploits are known. Stay vigilant! ⚠️ #CiscoVulns #CyberThreats #US https://t.co/kfGN4mwjiy
@TweetThreatNews
22 May 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20152 A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause a denial of … https://t.co/IRLjQWAC1E
@CVEnew
21 May 2025
211 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-20152: HIGH] Cisco ISE vulnerability alert! A flaw in RADIUS message processing could lead to a DoS attack on devices. Attackers can trigger this by exploiting authentication requests. Ensure you h...#cve,CVE-2025-20152,#cybersecurity https://t.co/2jdqXdUD1N https://t.c
@CveFindCom
21 May 2025
52 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes