AI description
CVE-2025-20282 is a vulnerability affecting Cisco Identity Services Engine (ISE) and Cisco ISE-PIC release 3.4. It stems from a lack of file validation checks in an internal API, which could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. Successful exploitation of this vulnerability could allow the attacker to store malicious files on the system and subsequently execute arbitrary code with root privileges, potentially leading to complete system compromise.
- Description
- A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and then execute those files on the underlying operating system as root. This vulnerability is due a lack of file validation checks that would prevent uploaded files from being placed in privileged directories on an affected system. An attacker could exploit this vulnerability by uploading a crafted file to the affected device. A successful exploit could allow the attacker to store malicious files on the affected system and then execute arbitrary code or obtain root privileges on the system.
- Source
- psirt@cisco.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 10
- Impact score
- 6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
- Severity
- CRITICAL
- psirt@cisco.com
- CWE-269
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
Cisco warns of two critical flaws (CVE-2025-20281, CVE-2025-20282, CVSS 10.0) in ISE and ISE-PIC allowing unauthenticated remote root code execution. Apply patches immediately. #CiscoISE #Cybersecurity #RCE #Vulnerability #PatchNow https://t.co/whpwExNLjP
@the_yellow_fall
29 Jun 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Warning: Two Critical Remote Code Execution vulnerabilities in @Cisco #ISE—CVE-2025-20281 (CVSS 9.8) and CVE-2025-20282 (CVSS 10)! These 0Days allow remote code execution as root and arbitrary file uploads. Immediate action required! #RCE #Patch https://t.co/RGvbHaYZhJ
@CCBalert
27 Jun 2025
102 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️Vulnerabilidades de Cisco ISE ❗CVE-2025-20282 ❗CVE-2025-20281 ➡️Más info: https://t.co/1qn7wszrOp https://t.co/ekoophUxLu
@CERTpy
27 Jun 2025
131 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️⚠️ CVE-2025-20281 and CVE-2025-20282(CVSS 10.0) Two Critical RCE Flaws Allow Unauthenticated Root Access 🎯742 Results are found on the https://t.co/pb16tGYaKe nearly year 🔗FOFA Link:https://t.co/sepwYVyBPu FOFA Query:app="CISCO-ISE" 🔖Refer:https://t.co/JVFLzIFb
@fofabot
27 Jun 2025
1514 Impressions
7 Retweets
22 Likes
2 Bookmarks
2 Replies
0 Quotes
🚨Alert🚨CVE-2025-20281 & CVE-2025-20282 :Unauthenticated Remote Code Execution Vulnerabilities affecting Cisco ISE and ISE-PIC. 📊1K+Services are found on the https://t.co/ysWb28Crld yearly. 🔗Hunter Link:https://t.co/dGTzo2tgAp 👇Query HUNTER : https://t.co/q9rtuG
@HunterMapping
27 Jun 2025
4442 Impressions
24 Retweets
91 Likes
27 Bookmarks
2 Replies
0 Quotes
Cisco warns of two critical flaws (CVE-2025-20281, CVE-2025-20282, CVSS 10.0) in ISE and ISE-PIC allowing unauthenticated remote root code execution. Apply patches immediately. #CiscoISE #Cybersecurity #RCE #Vulnerability #PatchNow https://t.co/CtXiW4Zxns
@the_yellow_fall
27 Jun 2025
861 Impressions
7 Retweets
9 Likes
2 Bookmarks
0 Replies
0 Quotes
⚠️ Critical Cisco ISE Alert! Two unauthenticated RCE flaws (CVE-2025-20281, CVSS 9.8; CVE-2025-20282, CVSS 10.0) threaten ISE 3.3 & 3.4. Attackers can gain root access. Patch now to protect your network! 🛡️ #Cisco #CyberThreat. https://t.co/qBXf2ItnJY
@CyberWolfGuard
26 Jun 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco issues urgent patches for critical RCE flaws in ISE and ISE-PIC (CVE-2025-20281 & CVE-2025-20282). Unauthenticated attackers could gain root access via input/file validation issues. Stay secure! 🚨 #Cisco #SecurityUpdate #USA https://t.co/UiK9mmn1oi
@TweetThreatNews
26 Jun 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Cisco released an advisory warning of a critical vulnerability, CVE-2025-20282 (CVSS 10), impacting Cisco ISE. CVE-2025-20282 is an unauthenticated remote code execution (RCE) vulnerability impacting Cisco ISE & ISE-PIC release 3.4, regardless of device configuration. https:
@BlackpointUS
26 Jun 2025
68 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨Critical Cisco ISE Vulnerabilities, CVE-2025-20281 & CVE-2025-20282 Two unauthenticated RCE flaws have been disclosed in Cisco ISE and ISE-PIC, allowing remote attackers to execute commands as root without credentials. CVE-2025-20281 • Affects: ISE 3.3 & 3.4 •
@DarkWebInformer
26 Jun 2025
6368 Impressions
25 Retweets
75 Likes
24 Bookmarks
0 Replies
0 Quotes
🚨Upozorňujeme na dvě zranitelnost v Cisco Identity Service Engine: CVE-2025-20281: Neautentizovaný vzdálený útočník může v Cisco ISE kvůli nedostatečné validaci vstupů ve veřejné API pomocí speciálně vytvořených API požadavků spustit libovolný kód. CV
@GOVCERT_CZ
26 Jun 2025
811 Impressions
5 Retweets
4 Likes
0 Bookmarks
1 Reply
0 Quotes
CVE-2025-20281 & CVE-2025-20282: Cisco ISE Bugs With 10/10 Severity #CiscoISE #CyberSecurity #CVE202520281 #CVE202520282 #RemoteCodeExecution #PatchNow #NetworkSecurity #InfoSec #VulnerabilityAlert #ZeroDay https://t.co/IwkA0VvQAG
@cyashadotcom
26 Jun 2025
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
シスコ社がCisco ISE及びISE-PICにおけるCVSSスコア10の脆弱性2件を修正。CVE-2025-20281は脆弱なAPIによるroot権限での遠隔コード実行。CVE-2025-20282は未認証の攻撃者が内部API経由でファイルをアップロードしてrootとし
@__kokumoto
26 Jun 2025
2278 Impressions
10 Retweets
23 Likes
5 Bookmarks
0 Replies
1 Quote
Critical Cisco ISE Vulnerabilities Allow Remote Code Execution Cisco has released patches for two critical vulnerabilities in Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), tracked as CVE-2025-20281 and CVE-2025-20282, both rated 10/10 in severity.
@dCypherIO
26 Jun 2025
53 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⭕ Cisco ISE RCE Vulnerability Allows Command Execution as Root User | Read more: https://t.co/FwighL15WL 1. Two maximum-severity flaws (CVE-2025-20281 and CVE-2025-20282) allow remote root access to Cisco ISE systems. 2. Attackers can exploit these remotely without any https:/
@The_Cyber_News
26 Jun 2025
528 Impressions
2 Retweets
6 Likes
1 Bookmark
1 Reply
0 Quotes
CVE-2025-20282 A vulnerability in an internal API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device and … https://t.co/SImohvPJem
@CVEnew
25 Jun 2025
267 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-20282: CRITICAL] Critical vulnerability in Cisco ISE and ISE-PIC APIs allows remote attackers to upload and execute arbitrary files as root. Update systems immediately to protect against exploits.#cve,CVE-2025-20282,#cybersecurity https://t.co/zY4yVcRQzg https://t.co/tQ
@CveFindCom
25 Jun 2025
106 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.4.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D23905E0-E525-49B1-8E5F-4EB42D186768"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine:3.4.0:patch1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "74509498-38EF-4345-9583-CEF5C26CA1D8"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:-:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "CC0525FD-C4D7-4B48-BF35-1791391AB148"
},
{
"criteria": "cpe:2.3:a:cisco:identity_services_engine_passive_identity_connector:3.4.0:patch1:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68C96F6B-51EE-4D03-9598-CBFD16DA22EF"
}
],
"operator": "OR"
}
]
}
]